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Serb  supporters  sock  it  to 
NATO  and  U.S.  computers 


BY  ELLEN  MESSMER 

BRUSSELS,  BELGIUM  — 
Today’s  news  is  filled  with 
images  of  downed  planes,  cap¬ 
tured  soldiers,  and  refugees  in 
Kosovo.  But  there  is  another 
war  being  waged,  one  that  pits 


pro-Serbian  hackers  against  IJ.S. 
and  NATO  computers. 

The  same  week  a  U.S. 
F-l  17A  stealth  fighter  was  lost 
over  Yugoslavia,  a  NATO  Web 
server  here  was  shot  down  by 
denial-of-service  attacks,  which 
See  Cyberwar,  page  10 


Battle  your 


BY  DENISE 
PAPPALARDO 
AND  JEFF  CARUSO 

Control:  Users  want  more  of 
it  when  dealing  with  their 
WANs,  and  bandwidth  manage¬ 
ment  vendors  are  lining  up  the 
goods  to  make  it  happen. 

Orchestream,  NetReality  and 
Allot  Communications  are 
rolling  out  products  that  will 
let  users  divvy  up  their  band¬ 
width  using  standards-based 


bandwidth 


technology  and  centralized  pol¬ 
icy  management  systems. 

Orchestream  later  this 
month  will  unveil  its  Orche- 
stream/Enterprise  server  soft¬ 
ware.  Orchestream/Enterprise 
establishes  quality-of-service 
policies  throughout  an  enter¬ 
prise  network  using  the 
IETF’s  Differentiated  Services 
(Diff-Serv). 

Diff-Serv  is  an  IETF  spec¬ 
ification  that  lets  network 
executives  set  a  variety  of  class- 


demons 


es  of  service  over  WAN  con¬ 
nections.  By  marking  the  head¬ 
er  of  an  IP  packet  with  the 
appropriate  tag,  each  router  or 
switch  supporting  Diff-Serv  will 
know  how  to  classify  that  IP 
packet,  based  on  the  policies  the 
network  executive  has  estab¬ 
lished.  For  end-to-end  support. 
See  Bandwidth,  page  10 


The  network  portal:  www.nwfnsion.eoni 


Stopping  the 
next  Melissa 


Users  urge  Microsoft  to  lead  antivirus  charge. 


61999  MARK  KOZLOWSK!  -  STOCKLINE 


BY  PAUL  MCNAMARA 

Now  that  last  week’s  e-mail 
virus  epidemic  has  subsided, 
a  question  vexes  network 
executives:  What  can  be  done 
to  prevent  the  children  of 
Melissa  from  causing  even 
greater  harm  in  the  future? 

There  is  no  single  answer, 
experts  agree.  Network  World 
posed  the  question  to  more 
than  a  dozen  network  profes¬ 
sionals  who  attended  last 
week’s  Electronic  Messaging 
Association  conference  in 
Dallas  as  their  colleagues 
struggled  with  Melissa  back 
home.  Among  the  consensus 
views: 

•  Software  vendors  in  gen¬ 
eral,  and  Microsoft  in  particu¬ 
lar,  must  work  harder  to  stay 
ahead  of  the  problem,  espe¬ 
cially  regarding  “information- 
gathering”  viruses  like  Melissa. 

•  Network  administrators 


need  tighter  and  more  granu¬ 
lar  controls  over  macros  that 
enter  their  networks  via 
See  Melissa,  page  51 
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Lotus  enhances  its  flagship 
product's  many  strengths  as 


a  server 


and  a 


Running  your  network,  doesn't  have 
to  be  so  expensive.  Here  are  10  way 
to  save.  By  Network  World!  Staff 


Tip  1:  Spiff  up  servers 

IT  pros  often  look  for  a  quick  fix.  If  data  access 
is  slowing  down,  for  instance,  the  easiest  thing 
to  do  might  be  to  toss  in  another  $36,000  server.  But  it 
might  be  wise  to  think  twice.  Instead  of  buying  a  new 
box,  use  an  inexpensive  tool,  such  as  Microsoft’s  Windows 
NT  Task  Manager  or  Network  Associates’  Sniffer  Basic, 
to  isolate  your  network  bottleneck.  You  may  find  that 
your  network’s  problem  can  be  easily  fixed  without  that 
new  server.  Maybe  some  RAM  will  help.  According  to 
Dell’s  Online  Store  configurator,  you  can  boost  your 
RAM  from  5 1 2M  bytes  to  2G  bytes  for  about  $5,400. 

See  Savings,  page  52 
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“Since  installing  Windows  NT  on  HP  NetServers, 
determines  downtime:  me.” 


01999 


only  one  thing 


“It  was  like  a  startup  opportunity:  two  of  our  subsidiaries 
merged  into  one  new  location.  Bottom  line?  On  day  one, 
500  employees  came  in,  logged  on,  and  worked  as  usual. 
And  in  the  year  since  installing  Microsoft8  Windows  NT8 
Server  4.0  on  HP  NetServers  we  haven’t  had  any  unplanned 
downtime.  This  is  great  news  for  the  entire  IT  staff— all 
five  of  us.” 


Ray  Kump,  Director  of  IT 
Mitsubishi  Electric  Automation 
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Windows  NT 

Server  4.0 


www.microsoft.com/go/caseStudy/Reliability 


Microsoft 


Now  the  fastest  NICs  are  also  the  smartest. 
That’s  because  3Com®  desktop  and  server 
NICs  raise  the  IQ  of  your  entire  network. 


Standards-based 
DynamicAccess® 
technology  adds  intelligence  to  3Com 
NICs  for  effective  solutions  to  complex  IS 
problems.  Traffic  Prioritization  lets  you 
optimize  the  network  to  support  business 
critical  applications.  Resilient  Server  Links 
ensure  that  your  server  stays  connected.  And 
Load  Balancing  guarantees  higher  bandwidth 
between  the  server  and  the  switch. 

Plus,  3Com  NICs  lower  your  total  cost 
of  ownership.  They  include  complete  PC 
management  features  so  you  can  manage 
PC  resources  from  a  central  location,  even  if 
a  PC  can’t  boot.  And  they  support  virtually 
every  operating  system  and  management 
application,  not  just  a  few.  So  you  can  bring 
intelligence  to  your  network  today,  without 
worrying  about  what  will  happen  in  the 
industry  tomorrow. 

What’s  more,  3Com  “thinking  NICs”  are 
Y2K  compliant  and  ready  for  evaluation  right 
now.  So  visit  www.3com.com/outsmart/nics 
for  more  information  and  the  facts  about  our 
special  evaluation  offers.  Because  there’s 
no  smarter  way  to  increase  the  performance 
of  your  network. 


3COM  DESKTOP  AND  SERVER  NICS. 
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THIS  WEEK 
ONLINE 


Selecting  an  ISP.  The  Motley  Fool's 
technical  fools  continue  their  class. 
This  week:  What  to  do  with  all  your 
gear  before  you  have  it  shipped  to 
the  ISP.  Don't  forget  to  label  every 
last  box  and  wire  with  an  IP  num¬ 
ber.  DocFinder:  2328 

Buying  a  router.  Ron  Nutter 
answers  a  related  question  in 
his  "Help  Desk"  column:  A  user 
getting  his  company's  Internet 
connection  ready  has  to  decide 
between  getting  a  router  from  the 
ISP  (which  the  ISP  is  pushing)  or 
buying  one  the  company  would 
own  (which  his  management  is 
pushing).  What  should  he  do? 
DocFinder:  2348 

ATM.  A  user  has  an  ATM  box  with 
multimode  fiber  ports  that  are  only 
supposed  to  reach  devices  2  km 
away.  Is  there  any  way  for  him  to 
connect  to  sites  farther  away,  say, 
3  km?  DocFinder:  2347 

Name  that  Toon.  We  have  a  win¬ 
ner  in  our  competition.  See  what 
caption  won  Jeff  Laliberty  a  T-shirt. 
Plus,  read  all  the  other  entries. 

DocFinder:  2334 


HHHga  Keeping  Current. 

If#  |  Last  week,  Fred 
J  J  McClimans  urged  you 
ffay  'A  to  go  slow  on  conver- 
gence.  This  week,  he 
explores  the  topic  in  more  depth  - 
there  are  several  different  waves 
of  technology-melding  going  on, 
and  each  has  different  ramifica¬ 
tions.  DocFinder:  2350 


Melissa.  If  the  guy  they  arrested 
last  week  is  convicted,  how  should 
they  punish  him?  Take  our  insta- 
poll  and  discuss  it  in  our  Melissa 
Forum.  DocFinder:  2329 


Gigabit  Ethernet.  Now  that  it's 
becoming  commonplace,  what's 
next?  News  Director  Bob  Brown 
discusses  Gigabit  Ethernet  online 

DocFinder:  2351 


How  to  get  onto 
Network  World  Fusion 

Click  on  Register  on  the  home  page 
and  follow  the  instructions. 
Subscribers,  keep  your  NWF  number 
—  highlighted  on  the  front  cover's 
mailing  label  —  handy  during 
registration.  Nonsubscribers 
must  fill  out  an  online 
registration  form. 
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Going  the  wireless  distance 

An  Irish  company  called  Supergold  last 
week  announced  an  encoding  technique 
that  makes  it  possible  to  use  infrared 
technology  to  support  20M  bit/sec  wire¬ 
less  data  links  over  distances  of  up  to  10 
meters. 

This  breakthrough  has  huge  implications 
for  wireless  LANs  because  most  work  at 
about  2M  bit/sec  speeds. 

Ultimately  the  technology  should  be  able 
to  support  50M  bit/sec  at  distances  of  up  to 
20  meters,  and  perhaps  even  100M  bit/sec. 
The  same  technology  can  be  used  with 
radio  frequencies,  in  which  case,  it  can  be 
expected  to  double  the  current  1 1M  bit/sec 
Code  Division  Multiple  Access  standard  rate 
to  22M  bit/sec. 

Supergold  is  currently  discussing  the 
technology  with  product  manufacturers 
and  envisions  equipment  costing  less  than 
$100  per  node. 


Hey  Larry,  people  are  trying  to 
sleep  down  here! 

San  Jose  officials  want  Oracle  CEO  Larry 
Ellison  to  get  home  at  a  more  reasonable 
hour. 

It  seems  that  Ellison  —  in  his  new  $38  mil¬ 
lion  Gulfstream  V  jet  —  has  violated  the  San 
Jose  International  Airport’s  1 1 :30  p.tn.  curfew 
six  times  in  the  past  nine  months.  Published 
reports  say  city  officials 
have  written  to  Elli¬ 
son  and  his  pilot 
three  times  in  an 
F,'j  effort  to  curb  the 
CEO’s  late  arrivals, 
which  have  been  as 
late  as  12:30  a.m. 

Curfew  violations  carry  no  automatic 
fines  or  penalties,  but  officials  can  get  a 
court  order  to  force  private  or  commercial 
pilots  to  obey  the  curfew. 


New  training  program:  The  MPCE 
(Microsoft  Point-and-Click  Engineer) 

From  the  “Get  a  Life”  files:  12  students  in 
a  Microsoft  Certified  Systems  Engineer 
(MCSE)  course  at  Southern  Methodist 
University'  recently  sued  the  school  for  mis¬ 
representing  the  ease  of  the  training  course. 
It  seems  as  if  the  course  was  a  little  tougher 
than  they  thought  it  would  be. 

“The  students  were  told  if  you  can  point 
and  click,  that  is  fine,  and  you  will  be  able  to 
pass  the  MCSE  [test] ,”  claims  their  attorney, 
Jason  Crawson.  “These  students  were  over¬ 
sold.”  Most  of  the  students  quit  full-time  jobs 
to  pursue  promises  of  a  well-paid  specialty, 
he  says. 

Several  of  the  students  did  not  have  com¬ 
puter  experience,  and  others  only  had  word 
processing  experience.  The  students  are 
seeking  refunds  for  the  course  and  com¬ 
pensation  for  lost  wages. 


Patient  Lotus  Notes  and  Domino 
users  rewarded  —  finally 

Lotus  last  week  shipped  the  long-awaited 
5.0  versions  of  its  flagship  Notes  and  Domino 
software. 


This  was  more  than  a  year  later  than 
originally  scheduled  and  an  embarrassing 
month  after  CEO 
Jeff  Papows’  bro¬ 
ken  promise  of  a 
February  delivery. 

Under  the  cir¬ 
cumstances,  it 
seems  almost  un¬ 
necessary  to  note 
that  the  specific 
launch  date  was, 
you  guessed  it, 

April  Fool  s  Day.  Papows'  Notes/Domino 

Delays  aside,  prediction  fell  short. 
Lotus  has  a  lot 

riding  on  this  new  Notes  software,  which 
features  a  radically  redesigned  browserlike 
interface. 

For  the  first  time,  the  package  will  be 
marketed  as  a  stand-alone  e-mail  client,  in 
addition  to  being  the  favored  front  end  for 
the  Domino  server  (see  review,  page  12). 


Internet  peep  show 

Between  1 5%  and  30%  of  the  people  who 
use  the  Internet  daily  visit  sexually  explicit 
sites  or  engage  in  cybersex  chat,  according 
to  a  study  released  recently  by  Alvin  Cooper 
of  Stanford  University. 

Not  surprisingly  to  some  observers,  86% 
of  those  who  participated  in  such  activities 
were  men. 

The  study  found  women  who  use  the 
’Net  for  sex  pursuits  primarily  visit  chat 
rooms.  Men,  on  the  other  hand,  view  sexu¬ 
ally  explicit  graphical  content. 

Although  most  erotic  Web  sites  are  tar¬ 
geted  at  men,  woman  aren’t  exactly  wall¬ 
flowers:  Some  20%  of  the  women  in  the 
study  visited  sexually  explicit  sites. 

Women  are  more  able  to  experiment  sex¬ 
ually  online  because  of  the  “  ‘triple  A’  of  the 
Internet  —  access,  affordability  and 
anonymity,”  Cooper  says.  Three  out  of  four 
people  keep  their  activity  secret.  People 
rarely  lie  about  their  gender,  but  often  lie 
about  their  age. 


Internet  peep  show  II 

Blue  door,  indeed.  Intel’s  recent  Pentium 
III  ad  campaign  on  TV  invites  children  to 
visit  a  world  behind  a  blue  door  to  see  a 
variety  of  delightful  images. 

But  if  you  enter  www.bluedoor.com, 
you’ll  see  a  world  of  sexy  eye  candy  for  pur¬ 
chase  and  sale,  hardly  something  Intel 
intended. 

Intel  has  tried  to  buy  the  name  of  the  site, 
but  the  owner  declined,  saying  that  his  is  a 
classy  site  for  all  forms  of  “blue  movies.” 


Foundry's  WAN  play 


BY  ROBIN 

SCHREIER  HOHMAN 

SUNNYVALE,  CALIF.  — 
Looking  to  expand  beyond 
campus  networks,  switching 
router  maker  Foundry  Net¬ 
works  is  readying  its  first  WAN 
modules. 

Sources  say  the  company 
plans  to  introduce  three 
SONET  modules  for  its  Biglron 
switching  routers  that  will 
enable  customers  to  support 
speeds  up  to  622M  bit/sec. 

The  new  mod¬ 
ules,  to  be  un¬ 
veiled  at  Net- 
World+Interop 
99  next  month, 
should  make 
Foundry’s  four- 
and  eight-port 
routers  more 
appealing  to  ISPs 
and  carriers,  as 
well  as  to  corpo¬ 
rate  users  looking 
to  tie  buildings 
together. 

Foundry’s  eight- 
port  Biglron  8000  switching 
router  is  a  10/100/1000M 
bit/sec  Layer  2/3/4  backbone 
device  that  can  process  100 
million  packet/sec.  It  can  sup¬ 
port  up  to  64  Gigabit  Ethernet 
ports  or  up  to  184  10/100M 
bit/sec  ports. 

Foundry,  which  a  group  of 
industry  veterans  started  in 
1996,  is  trying  to  round  out  its 
product  line  before  going  pub¬ 
lic  later  this  year. 

The  company,  unlike  several 
other  Gigabit  Ethernet  equip¬ 
ment  makers  that  emerged 
around  the  same  time,  has 
eschewed  takeover  offers 
from  more  established  players. 


Foundry’s  decision  to  go  with 
packet-over-SONET  rather  than 
ATM  interesting,  given  that 
ATM  is  more  widely  used. 

More  modules 

Foundry  will  also  introduce 
beefed  up  management  mod¬ 
ules  with  eight  times  the 
memory  of  earlier  versions,  a 
faster  CPU  and  redundancy. 
Customers  will  also  be  able  to 
plug  two  modules  into  a  chas¬ 
sis,  and  the  modules  will  back 
up  each  other. 

The  manage¬ 
ment  modules 
feature  up  to 
eight  switch 
ports,  so  cus¬ 
tomers  can  sacri¬ 
fice  a  slot  to 
a  management 
module  without 
giving  up  switch¬ 
ing  capacity. 

Foundry  cus¬ 
tomer  Network 
Appliance  is  high 
on  the  new  man¬ 
agement  modules. 

“We’re  not  wasting  any 
ports  or  using  any  chassis  real 
estate  by  having  a  redundant 
module  in  there,”  says  Marsha 
Klapperman,  a  senior  net¬ 
work  engineer  for  Network 
Appliance. 

Foundry  will  begin  beta¬ 
testing  the  WAN  and  manage¬ 
ment  modules  shortly,  and 
expects  general  availability 
in  July. 

The  packet-over-SONET 
modules  will  cost  between 
$25,000  and  $45,000. 

The  management  modules 
will  have  0,  4,  6  and  8  ports, 
and  will  be  priced  between 
$15,000  and  $28,000.  E 


The  Biglron  8000  will 
soon  have  new  manage¬ 
ment  modules. 


Big  news  for  Biglron 

The  new  WAN  modules 
help  Foundry’s  Biglrons  stack 
up  better  against  Cisco’s  high- 
end  offerings,  such  as  the  7200 
and  7500  routers  and  the  GSR 
12000  switch  router.  These 
Cisco  devices  already  support 
packet-over-SONET.  The  GSR 
12000,  for  instance,  made  its 
debut  last  year  and  boasts  OC-3 
(155M  bit/sec)  and  OC-12 
(622M  bit/sec)  interfaces,  with 
OC-48  modules  on  the  way. 

Foundry’s  new  modules  will 
come  in  two-port  OC-3,  two- 
port  OC-12  and  four-port  OC- 
12  flavors.  Analysts  found 
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Could  the  world’s  leoding  companies  partner  with 
one  vendor  to  solve  customer  network  security  issues? 
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News 


A  summary  of  the  company’s  latest  actions. 
TALK  IS  CHEAP  .  .  . 

Last  week’s  settlement  talks 
between  Microsoft,  the  U.S. 

Department  of  Justice  and  the  19 
state  attorneys  general  apparently 
went  nowhere.  It  was  the  first 
time  the  parties  negotiated  since 
the  antitrust  trial  against  Micro¬ 
soft  recessed  in  late  February. 

Neither  side  would  disclose  specifics,  but  rumor  has  it 
Microsoft  is  willing  to  talk  about  making  Windows  APIs 
more  openly  available  to  developers.  But  Bill  Gates  said 
earlier  this  week  that  Microsoft  will  hold  its  ground  on 
two  points:  Windows  retains  its  integrity,  and  Microsoft 
maintains  the  right  to  add  innovations  to  its  products. 

The  parties  will  continue  to  meet  until  the  trial  resumes 
May  12. 

MAJOR  MILESTONES 

Microsoft  will  reportedly  be  ready  to  deliver  the  third 
beta  for  Windows  2000  on  April  21.  New  to  this  test  release 
are  support  for  Microsoft’s  revamped  object  technology 
called  COM+,  integration  with  Internet  Explorer  5.0  and 
some  set-up  utilities  that  make  it  easier  to  deploy  Active 
Directory.  Microsoft  is  even  contemplating  a  preview  pro¬ 
gram  under  which  users  can  buy  and  deploy  test  code. 

Microsoft  also  has  scheduled  June  10  to  be  the  date  the 
Office  2000  desktop  application  suite  hits  the  market.  It  was 
supposed  to  ship  in  March.  Office  2000’s  delay  cost  Micro¬ 
soft  an  estimated  $400  million  in  revenue  in  the  quarter. 

IN  RELATED  NEWS 

The  next  major  release  of  Microsoft  Exchange  Server, 
code-named  Platinum,  will  enter  beta  testing  next  month,  a 
company  executive  told  attendees  of  the  Electronic  Messag¬ 
ing  Association’s  annual  conference  in  Dallas  last  week.  The 
news  could  be  a  hopeful  sign  for  the  long-awaited  release  of 
the  Windows  2000  network  operating  system  because  Plati¬ 
num  must  be  run  on  that  platform  and  its  Active  Directory. 
Microsoft  has  long  promised  Platinum  would  arrive  90  to 
120  days  after  Windows  2000  is  delivered,  but  a  company 
spokesman  last  week  said  the  timetable  may  be  accelerated. 

“Were  hoping  to  follow  in  the  footsteps  of  Windows 
2000  as  quickly  as  possible,”  the  spokesman  said. 

—  Christine  Burns 
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Just  what  does  the 
Microsoft  shuffle  mean? 


BY  CHRISTINE 
BURNS 

Microsoft  last  week  re¬ 
organized  into  five  divisions, 
each  responsible  for  a  specific 
customer  segment.  The  com¬ 
pany  currently  has 
three  product- 

focused  groups. 

Microsoft  president 
Steve  Ballmer  last 
week  called  the 
corporate  shuffle 
“the  reinvention 
of  Microsoft.”  Net¬ 
work  World  ex¬ 
plores  what  these 
internal  changes  will 
mean  for  large  en¬ 
terprise  customers. 

Does  this  represent  a  signifi¬ 
cant  shift  in  Microsoft's  corpo¬ 
rate  structure? 

This  ranks  up  there  with  the 
company’s  1995  corporate 
shuffle  to  accommodate  the 
Internet.  That  said,  the  reorga¬ 
nization’s  effects  are  not  as  far- 
reaching  as  Microsoft’s  public 
relations  team  is  touting. 
Ballmer  says  the  new  groups 
are  formed  strictly  along  cus¬ 
tomer  lines  —  which  are  cor¬ 
porate  users,  knowledge  work¬ 
ers,  consumers  and  develop¬ 
ers.  But  a  closer  look  shows 
Microsoft  is  still  a  product- 
driven  company  at  heart. 

Jim  Allchin  still  oversees  all 
Windows  development  as 
head  of  both  the  Business  and 
Enterprise  and  Consumer  Win¬ 
dows  Division.  Bob  Muglia  is 
at  the  helm  of  the  Business 
Productivity  Group.  Although 
he’s  now  focusing  on  the  so- 
called  knowledge  workers, 
who  include  telecommuters 
and  home-office  workers, 
Muglia  remains  the  driving 
force  behind  all  the  Office  and 
BackOffice  applications. 

Developers  will  get  more 
attention  from  the  high-profile 
Paul  Maritz.  Maritz  will  ensure 
that  independent  software 
vendors  (ISV)  and  corporate 
developers  get  the  tools  they 
need  to  build  software  on  top 
of  Windows.  This  is  a  renewed 
effort  to  cater  to  ISVs. 

Microsoft  announced  that 
Windows  marketing  guru  Brad 
Chase  and  Office  Product  Line 


Manager  Jon  DeVaan  would 
play  major  roles  in  the 
Consumer  and  Commerce 
division.  But  that  didn’t  cloud 
the  fact  that  Microsoft  is  still 
headhunting  for  someone 
who  can  turn  its  haphazard 
collection  of  Web 
sites  into  a  formida¬ 
ble  competitor  to 
the  likes  of  America 
Online  and  Yahoo. 

Are  these  divi¬ 
sions  a  precursor  to 
how  Microsoft 
would  want  to  be 
broken  up  as  a  result 
of  the  federal  anti¬ 
trust  case  against  it? 

Absolutely  not; 
that’s  from  the 
mouth  of  Ballmer.  There  is  no 
splitting  into  separate  compa¬ 
nies  —  or  Baby  Bills  —  that  he 
and  Gates  would  be  amenable 
to,  let  alone  lay  the  ground¬ 
work  for. 

What  does  this  mean  for  the 
delivery  of  Windows  2000? 

With  this  upgrade  being 
more  than  a  year  late  already, 
the  shake-up  applies  a  little 
more  pressure  on  the  engi¬ 
neering  team  to  get  Windows 
2000  out  the  door.  By  all  indi¬ 
cations,  Microsoft  is  set  to 
release  Beta  3  of  Windows 
2000  later  this  month,  which  is 
a  good  sign  that  it  might  be 
able  to  ship  the  product 
before  year-end. 

The  company  will  likely 
stick  to  its  plans  for  a  common 
code  base  for  Win9X  and  NT 
products  and  will  continue  to 
integrate  its  browser  with  its 
operating  system  despite  the 
government’s  efforts  to  sepa¬ 
rate  the  two. 

Does  it  change  the  resources 
the  company  allocates  to  enter¬ 
prise  customers? 

The  former  Enterprise  Cus¬ 
tomer  Business  Unit  headed  by 
Deborah  Willingham  has  been 
rolled  into  Allchin’s  unit. 
Willingham  has  made  inroads 
into  Fortune  500  companies  by 
giving  them  the  direct  sales  dis¬ 
counts  and  customized  service 
agreements  they’re  used  to  get¬ 
ting  from  companies  such  as 
IBM  and  Hewlett-Packard.  3 


Ballmer:  Reorganiza¬ 
tion  should  help 
corporate  users. 
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Well  yes,  come  to  think  of  it,  they  could 


Virtually  everyone  knows  that  Network  Associates  is  the  largest  provider  of  network  security  and 


management  software.  So,  who  better  to  partner  with  the  industry’s  top  vendors  and  consulting  organizations 


TO  CREATE  A  NEW,  MORE  ACTIVE  APPROACH  FOR  SECURING  MISSION-CRITICAL  NETWORKS.  VATHIS  “ACTIVE  SECURITY”  BRINGS 


TOGETHER  OUR  B  EST-  O  F-  B  R  E  E  D  SECURITY  PRODUCTS,  LIKE  PGP  VPN,  GAUNTLET  FIREWALL  AND  CYBERCOP  INTRUSION 

Protection,  with  the  best  security  products  and  services  of  our  technological  partners.  The  result  is  an  ever- 

VIGILANT,  IMPENETRABLE  BARRIER  AGAINST  CYBER-TERRORISM.  SO,  HACKERS  BEWARE.  ^TO  LEARN  HOW  NETWORK  ASSOCIATES 


CAN  WORK  WITH  YOUR  COMPANY  TO  PROTECT  YOUR  ASSETS,  CALL  1  -BDQ-332-9966,  OR  VISIT  WWW.NAI.COM/ACTIVESECURITY. 


BECAUSE  THE  LAST  THING  YOUR  NETWORK  NEEDS  IS  SOME  NASTY  LITTLE  SURPRISE. 
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News 


Bandwidth, 

continued  from  page  1 

all  network  nodes  have  to  sup¬ 
port  Diff-Serv. 

Orchestream/Enterprise 
allows  network  managers  to 
specify  policies,  such  as  how 
much  bandwidth  to  give  differ¬ 
ent  classes  of  traffic,  and  to 
implement  those  policies  in 
different  brands  of  network 
hardware.  The  product  ships 
with  the  ability  to  implement 
policies  in  routers  and  switch¬ 
es  from  Cisco,  Nortel  Net¬ 
works  and  Xedia,  but  third  par¬ 
ties  can  develop  drivers  to 
propagate  policies  to  other 
vendors’  hardware. 

Orchestream/Enterprise  con¬ 
sists  of  a  central  policy  server 
running  on  Windows  NT  or 
Solaris,  backed  up  by  an  Oracle 
database.  The  server  communi¬ 
cates  policies  to  agents  residing 
on  the  same  server  or  on  others 
distributed  throughout  the 
enterprise.  The  agents  ensure 
these  rules  are  enforced  at  the 
proper  time  —  a  policy  might 
only  be  in  effect  for  a  certain 
time  of  day.  Orchestream/ 
Enterprise  will  be  generally 
available  by  mid-year,  with  pric¬ 
ing  starting  at  about  $35,000. 

Integrated  policy  manage¬ 
ment  servers  for  bandwidth 
management  systems  are  criti¬ 
cal  to  business  users,  says  Eddie 
Hold,  senior  analyst  at  Current 
Analysis,  a  Sterling,  Va.,  consult¬ 
ing  firm.  Cisco  this  week 
announced  its  first  policy  man¬ 
ager,  while  only  a  handful  of 
other  firms,  including  NetReality 
and  Ukiah  Software,  are  actually 
shipping  products,  he  says. 
Without  a  centralized  approach, 
a  user  would  have  to  make  soft¬ 
ware  changes  to  each  band¬ 
width  management  device  as 
opposed  to  making  the  change 


Corrections 

A  recent  news  brief 
(March  29,  page  6)  should 
have  described  Interlink 
Computer  Sciences  as  a 
vendor  of  products  for  ex¬ 
changing  OS/390  mainframe 
data  over  TCP/IP  nets. 

Due  to  a  production  error, 
last  week's  Opinions  cartoon 
(March  29,  page  38)  was  a 
reprint  from  a  previous  edi¬ 
tion  of  Network  World.  We 
regret  the  oversight. 


once  and  updating  all  the 
devices  through  the  network. 

Orchestream  isn’t  alone  in 
supporting  Diff-Serv  for  the  first 
time.  Next  week,  NetReality  will 
introduce  the  latest  version  of 
firmware  for  its  WiseWan  band¬ 
width  management  devices. 
WiseWan  3  0  supports  Diff-Serv 
and  will  be  available  next 
month  to  all  WiseWan  200  and 
WiseWan  CPE  bandwidth  man¬ 


agement  customers  at  no  addi¬ 
tional  charge. 

NetReality’s  existing  queuing 
lets  users  carve  up  their  band¬ 
width  and  dedicate  it  to  specif¬ 
ic  applications.  Diff-Serv  then 
lets  users  set  further  priority 
levels  within  each  queue. 

Copeland  Lumber  Yards  last 
week  inked  a  contract  with 
NetReality  to  deploy  WiseWan 
200s  in  its  68  stores,  says  James 


Summers,  LAN/WAN  manager 
at  the  Portland,  Ore.,  retail 
lumber  chain.  Copeland  is  run¬ 
ning  all  IP  traffic  over  its  frame 
relay  network,  but  the  net¬ 
work  is  suffering. 

“We  are  using  telnet  sessions 
to  send  accounting  traffic  back 
and  forth  between  headquar¬ 
ters  and  the  lumber  yards,” 
Summers  says.  “Those  sessions 
were  getting  creamed  if  any 


other  traffic  was  sent  at  the 
same  time.” 

Now  WiseWan  lets  Summers 
guarantee  36K  bit/sec  worth 
of  bandwidth  for  telnet  ses¬ 
sions  on  each  56K  bit/sec 
frame  relay  link.  In  addition  to 
controlling  bandwidth,  he  has 
been  able  to  tag  telnet  traffic  as 
top  priority  with  guaranteed 
delivery. 

Allot  Communications  is 
also  coming  out  with  product 
support  that  will  let  customers 
set  differing  priority  levels. 
Allot  will  support  Diff-Serv  in 
its  latest  version  of  firmware, 
AC  3.0,  for  its  AC200  and 
AC300  bandwidth  manage¬ 
ment  devices. 

In  addition  to  rolling  out 
Diff-Serv,  the  company  is 
announcing  its  Allot  Policy 
Manager.  This  is  Allot’s  first 
centralized  policy  manager 
that  will  let  network  execu¬ 
tives  set  rules  for  all  AC200 
and  AC300  devices  on  their 
networks.  Allot  Policy  Manager 
is  also  able  to  retrieve  data 
from  other  network  directory 
services.  Allot  Policy  Manager 
runs  on  a  Windows  NT  server 
and  will  ship  in  June  for 
$9,995.  3 


The  Diff-Serv  difference 

How  a  policy-based  Differentiated  Services  system  works: 

o  The  network  manager  defines  classes  of  traffic. 

The  policy  server  sends  commands  to  divide 
traffic  to  routers  along  the  path.  In  this  example, 
video  traffic  is  given  the  highest  priority. 


User  * 
sending  «SS 
video  !|  sm 


Policy  server 

Video:  Priority  A 
Data:  Priority  B 


Receiving 

destination 


User 

sending 

data 


©  One  user  sends  data  and  another  sends  video 
traffic  to  a  destination.  The  data  and  video 
are  given  their  priorities  at  the  access  device. 


©  Using  policies  from  the  manager's  PC,  traffic  gets  a 
guaranteed  level  of  service  across  all  hops.  In  this  case, 
video  traffic  is  routed  first  because  of  its  higher  priority. 


The  U.S.  Navy's  Web  site  was  hacked,  its  information  erased  and 
replaced  by  obscene  insults.  Russians  who  support  the  Serbs  are 
reportedly  at  fault.  The  more  graphic  words  have  been  starred  out  by 
Network  World. 


Cyberwar, 

continued  from  page  1 

NATO  sources  strongly  sus¬ 
pect  came  from  the  Serbian 
military,  not  independent 
hackers. 

In  the  U.S.,  the  Navy’s  Web 
site  was  hacked,  reportedly  by 
Russians  who  support  the 
Serbs.  Erasing  the  Navy’s  infor¬ 
mation,  they  left  blisteringly 
obscene  insults  against  the  U.S. 

Russian  hackers  —  or  peo¬ 
ple  claiming  to  be  Russian 
hackers  —  also  struck  Web 
sites  such  as  one  maintained 
by  Orange  Coast  College,  leav¬ 
ing  the  messages  “Asses  out  of 
Serbia”  and  “Russian  hackers 
demand  to  stop  terrorist 
aggression  against  Yugoslavia.” 
They  also  lobbed  a  few  insults 
at  Bill  Clinton  and  Monica 
Lewinsky. 

All  week  at  NATO  head¬ 
quarters  here,  the  network 
staff  was  countering  Serbian 
assaults  on  the  NATO.int  Web 
site  and  the  e-mail  server.  After 
a  denial-of-service  attack 
based  on  “ping”  saturations 
launched  from  Serbia  brought 
down  the  NATO  server,  NATO 
personnel  took  evasive  action. 

A  ping  attack  is  a  malicious 
saturation  of  a  server  with 


messages  that  overwhelm  the 
server’s  capacity  to  respond. 
To  counter  it,  the  NATO  net¬ 
work  crew  swapped  out  a  Sun 
SPARC  20  for  the  more  power¬ 
ful  UltraSPARC  for  faster  pro¬ 
cessing  of  the  Serbian  pings. 
And  NATO  switched  from  a 
256K  bit/sec  access  line  to  the 
European  equivalent  of  aT-1  to 
keep  the  pings  from  eating  up 
bandwidth. 

“We  have  about  100  servers, 
and  we’re  afraid  all  the  NATO 
sites  have  been  attacked,”  says 
NATO’s  Webmaster,  Baul  Magis. 
Though  NATO’s  public  server 
was  knocked  out,  no  internal 
part  of  the  NATO  intranet 
is  believed  to  have  been  com¬ 
promised.  But  NATO’s  mail 
servers  are  taking  a  beating, 
getting  hit  with  more  than 
10,000  e-mails  per  day  — 
many  with  dangerous  com¬ 
puter  viruses. 

NATO  is  bombing  Serbia,  a 
Yugoslavian  republic,  to  stop 
the  Serbs  from  forcing  ethnic 
Albanians  from  Kosovo.  Magis 
said  most  of  the  e-mail  NATO  is 
getting,  particularly  from  Serbia 
and  Russia,  expresses  opposi¬ 
tion  to  the  airstrikes.’  But  we’re 
also  getting  messages  from 
Kosovars  that  express  support 
for  NATO,”  he  adds. 


Magis  says  NATO  headquar¬ 
ters  won’t  launch  an  electron¬ 
ic  counterstrike.  “We  want  to 
show  we’re  more  civilized,”  he 
says. “We  believe  in  freedom  of 
speech.”  NATO  is  even  dis¬ 
cussing  the  possibility  of  host¬ 
ing  Serbian  information  on  the 
Web  so  the  Serbs  can  share 
their  views. 

The  attack  on  the  U.S. 
Navy  hit  the  Navy’s  Medical 
Information  Management  page 


at  navy.mil,  says  Alan  Gold¬ 
stein,  the  Navy’s  director  of 
technology  integration  in 
Bethesda,  Md. 

No  one  apparently  got  any 
farther  into  Navy  systems,  but 
no  one  there  is  resting.  “This  is 
going  to  go  on  for  quite  a 
while,”  Goldstein  says.  3 

Get  more  info  online. 
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networked  classroom. 
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New  Notes/Domino  delivers 

Lotus  enhances  its  flagship  product’s  many  strengths  as  a  server  and  client. 


BY  STEVEN 
GOLDBERG 

Release  5  of  Lotus’  Notes/ 
Domino,  which  Lotus  finally 
made  available  on  its  Web  site 
last  week,  is  more  robust  and 
sealable,  and  adheres  to  more 
open  standards  than  previous 
versions.  It  serves  many  pur¬ 
poses,  from  secure  Web  trans¬ 
action  server  to  main  knowl¬ 
edge  management  tool  for 
large  enterprises. 

That’s  the  good  news,  based 
on  our  evaluation  of  the  fea¬ 
ture-frozen  gold  candidate 
code.  The  bad  news  is  that  the 
inherent  complexity  of  manag¬ 
ing  the  Cadillac  of  messaging, 
groupware  and  Web  develop¬ 
ment  platforms  is  only  slightly 
improved  with  the  addition  of 
a  new  administration  client. 
Enterprise  Notes  administra¬ 
tors  will  have  their  hands  full 
evaluating  and  migrating  to 
Release  5. 

In  Release  5,  Notes  is  the 
client  application  and  Domino 
is  the  server  software.  The 
Domino  server  now  comes 
in  three  flavors: 

Mail,  Application 
and  Enterprise.  The 
Mail  server  is  for 
messaging  only  and 
handles  native 
Notes,  Post  Office 
Protocol  3  (POP3), 

Simple  Mail  Transfer 
Protocol  and  Inter¬ 
net  Message  Access 
Protocol  4  (IMAP4). 

The  Application  serv¬ 
er  includes  group- 
ware  and  Web  devel¬ 
opment  features  and 
messaging.  The  En¬ 
terprise  server  has 
all  the  above  features 
and  adds  application 
clustering,  which  en¬ 
ables  Notes  databases  to  be 
dynamically  hosted  on  multi¬ 
ple  servers  for  load  balancing 
and  fault  tolerance. 

The  complexity  of  configur¬ 
ing  a  Domino  server  is  entirely 
dependent  on  the  environment 
in  which  it  is  being  placed.  For 
instance,  setting  up  a  single- 
workgroup  Notes  server  for 
native  Notes  messaging  is  a 
simple  endeavor.  A  wizard 
guides  you  through  all  the 
basics.  However,  for  multiserver 


enterprise  deployment,  Release 
5  requires  capacity  planning, 
topology  considerations  and 
extensive  Notes  application 
migration  and  testing. 

One  of  Domino’s  strongest 
suits  is  that  it  allows  adminis¬ 
trators  to  choose  supported 
protocols.  The  Domino  Admin¬ 
istrator  makes  it  relatively  easy 
to  enable  protocols  such  as 
HTTP.  Domino  seamlessly 
opens  up  its  data  to  non-Notes 
clients  without  retooling  the 
entire  infrastructure. 

Domino’s  support  of  open 
e-mail  standards  is  also  a  big 
plus.  Through  the  Admin¬ 
istrator,  we  enabled  POP3  and 
accessed  the  Domino  server 
via  Outlook  Express.  Adminis¬ 
trators  looking  for  the  power 
of  Domino  on  the  back  end, 
but  who  want  to  keep  the  user 
experience  simple,  have  a 
worthy  alternative  here. 

As  with  Domino  servers, 
Notes  clients  now  come  in 
three  flavors:  Administrator, 
Designer  and  Notes. 

In  previous  Domino  ver¬ 
sions,  the  server  was  adminis¬ 


tered  through  specialized  com¬ 
mands  from  the  Notes  client. 
Release  5’s  Administrator  is  a 
specialized  client  with  many 
new  features  to  help  manage 
the  Notes/Domino  infrastruc¬ 
ture.  The  Administrator  can 
build  a  Domino  server  topolo¬ 
gy  map  on  the  fly.  You  can  use 
this  to  analyze  database  replica¬ 
tion  schemes  or  to  trace  a  sin¬ 
gle  e-mail  message  as  it  moves 
between  Domino  servers. 
Managers  of  large  Domino 


shops  will  especially  like  these 
features  for  tracking  down 
glitches  in  routing  topology. 

You  can  also  perform  day-to- 
day  tasks,  such  as  user  and 
group  management,  through 
the  Administrator  client.  The 
new  interface  organizes  reams 
of  data  and  content  into  a  man¬ 
ageable  presentation.  You  can 
manage  several  Domino  Dir¬ 
ectories  (the  databases  former¬ 
ly  known  as  the  Notes  Name 
and  Address  book)  using  a 
straightforward  hierarchy 
view,  much  like  Windows. 

You  can  also  manage  the 
multitude  of  server  tasks  and 
protocols  through  the  Admin¬ 
istrator  or  via  the  extant 
NOTES.INI  file.  Besides  HTTP, 
Network  News  Transfer  Pro¬ 
tocol,  POP3  and  IMAP4,  all  of 
which  were  supported  in  Re¬ 
lease  4,  Release  5  supports  Ver¬ 
sion  3  of  the  Lightweight 
Directory  Access  Protocol 
(LDAP).  Release  4  only  sup¬ 
ported  LDAP  Version  2,  which 
was  limiting.  LDAP  2  provides 
read-only  access  to  a  subset  of 
user  information,  while  LDAP 
3  gives  users  write 
access  as  well  —  a 
welcome  feature. 

Additionally,  Re¬ 
lease  5  has  ex¬ 
tended  its  certifi¬ 
cate-based  security 
model.  Domino’s 
certificates  have  a 
proprietary  for¬ 
mat,  but  Release  5 
adds  support  for 
X.  509-standard 
certificates.  X.509 
allows  two  dis¬ 
parate  mail  sys¬ 
tems  to  exchange 
secure  messages 
using  public/pri¬ 
vate  key  encryp¬ 
tion,  and  requires 
the  use  of  a  trusted  third  party, 
such  as  VeriSign,  to  guarantee 
authenticity. 

Release  5  also  introduces 
the  Domino  Designer  client.As 
its  name  implies,  all  applica¬ 
tion  development  occurs  with¬ 
in  the  Domino  Designer. 
Because  Domino  can  host 
Notes  and  Web  clients, 
Domino  Designer  can  tailor  an 
application  for  either  or  both 
environments.  The  slick  inter¬ 
face  easily  allows  Notes  and 


Web  previews  of  design  con¬ 
tent.  Designer  supports  HTML 
4  and  Cascading  Style  Sheets. 

Domino  development  is  a 
major  topic  unto  itself,  but 
several  enhancements  since 
Release  4  are  noteworthy. 
Lotus  has  made  several  Notes 
interface  elements  available 
to  programmers  as  Java 
applets  for  inclusion  in  Web- 


based  applications.  Also 
included  is  a  frame  designer, 
aimed  at  making  it  easier  to 
add  framed  HTML  elements  to 
Web-based  applications.  And 
Lotus  has  added  out-of-the-box 
support  for  back-end  database 
connectivity  in  many  popular 
data  formats. 

The  improvements  in  the 
Notes  client,  the  third  and 
most  commonly  deployed  of 
the  three  new  clients  in 
Release  5,  are  as  dramatic  as 
those  in  Administrator  and 
Designer.  The  most  obvious 
change  is  a  radical  departure 
from  the  familiar  Notes  desk¬ 
top.  While  the  old  desktop 
remains  for  those  who  admire 
its  simplicity,  it  is  buried 
beneath  an  impressive  new 
browserlike  interface  reminis¬ 
cent  of  Internet  Explorer,  but 
with  an  extra  ribbon  bar  of 
buttons  down  the  left  side. 
Bookmarks  to  favorite  Notes 
databases,  documents  or  URL 
addresses  are  displayed  on  the 
main  page.  These,  along  with 
the  ability  to  run  Inter¬ 
net  Explorer  within  the 
Notes  client,  give  you  a 
single  highly  functional  inter¬ 
face  to  Domino  intranets  and 
the  Web. 

Still,  the  new  interface  is  a 
bit  daunting.  Existing  Notes 
shops  should  plan  on  a  major 


end-user  training  initiative. 

While  hardly  a  light  version 
of  its  former  self,  Release  5  of 
the  Notes  client  does  not  re¬ 
quire  a  Notes  server.The  Notes 
client  can  act  as  a  client  for  a 
Domino  server,  the  Internet  or 
both.  Choosing  the  Internet 
allows  you  to  set  up  a  POP3  or 
IMAP4  mailbox  as  the  primary 
account. 


Installation  of  client  and 
server  software  is  much  refined 
over  Notes  Release  4.The  instal¬ 
lation  program  is  now  Install- 
Shield-based  and  requires  little 
administrator  input.  We  were 
not  able  to  review  any  printed 
documentation. 

We  were  very  impressed 
with  Release  5  of  Notes  and 
Domino,  from  an  architectural 
and  functionality  perspective. 
The  Domino  Administrator  is  a 
polished  tool  that  aids  in  plan¬ 
ning,  monitoring  and  problem 
resolution.  Domino’s  support 
of  the  latest  versions  of  open 
standards  gives  enterprise 
administrators  significant  flex¬ 
ibility  in  planning  and  deploy¬ 
ing  applications. 

With  the  inclusion  of  native 
POP3  and  IMAP4  support  in  the 
Notes  client,  it  looks  like  Notes 
is  positioned  for  the  masses, 
though  clearly  you  get  the 
biggest  benefits  from  running 
Notes  on  the  desktop  when 
you  have  a  Domino  server. 

With  Release  5,  Lotus  offers 
up  more  of  everything.  We 
were  impressed  with  this 
major  overhaul. 

Goldberg  has  been  a  con¬ 
tributing  editor  at  Network 
World  for  the  past  five  years. 
He  can  be  reached  at  sgold- 
berg@pobox.  com 
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1  We'll  point  you  to  a  clearinghouse 
of  Notes/Domino  information. 


ScoreCard 


Notes/Domino  Release  5 


Naming  and  directory  services  20% 

8  x. 20  =  1.6 

Management/administration  20% 

8  x. 20  =  1.6 

Stability  20% 

8  x. 20  =  1.6 

Networking/ connectivity  options  10% 

10  x. 10  =  1.0 

Messaging  10% 

10  x. 10  =  1.0 

Enterprise  scalability  10% 

10x.10  =  1.0 

Security  5% 

10  x. 05  =  0.5 

Installation  5% 

8  x. 05  =  0.4 

Total  score 

8.7 

Individual  category  scores  are  based  on  a  scale  of  1  to  10. 
Percentages  are  the  weight  given  each  category  in  determining 

the  total  score. 


Net  Results 


Notes/Domino  Release  5 

Lotus 

(617)  577-8500 

www.lotus.com 

Pros 

▲  Architecture  provides  a 
single  platform  for  Web 
development,  messaging 
and  knowledge 
management 

▲  Security  enhanced  with 
X.509  compliance 

▲  LDAP  Version  3  support  is 
enterprise-ready 
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New  user 
interface 
will  require 
training 
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Seagate  Software  last  week 
introduced  a  product  that  backs 
up  open  files  on  NetWare  LANs 
for  users  who  need  uninter¬ 
rupted  access 
to  e-mail, 
database  and 
other  cont¬ 
inuously  open 
files. 

Open  File 
Option  for 
Seagate 
Backup  Exec 
for  NetWare 
lets  the  net¬ 
work  operat¬ 
ing  system  be  backed  up  at  any 
time,  even  while  there  is  network 
activity. 

Open  File  Option  is  available 
now  for  NetWare  3.X  and  4.X, 
and  will  support  Version  5.X  in 
June.  The  software  costs  $695. 
Seagate  Backup  Exec  for  Net¬ 
Ware  costs  $695  for  a  single 
server  configuration. 

Seagate:  (800)  327-2232 

Interlink  Computer  Sciences, 

a  Fremont,  Calif.,  company  that 
recently  was  acquired  by  Sterl¬ 
ing  Software,  has  announced 
additions  to  its  suite  of  e-Access 
products  that  enable  policy- 
based  management  and  the 
monitoring  of  mainframes  run¬ 
ning  IBM's  IP  stacks.  Previously, 
Interlink's  software  only  worked 
with  the  company's  IP  main¬ 
frame  stacks. 

Pricing  for  e-Access  compo¬ 
nents  starts  at  about  $15,000  for 
50  MIPS. 

Separately,  Interlink  next 
month  is  rolling  out  Turbo  for 
ADSM,  software  that  lets  users 
of  IBM's  Adstar  Distributed 
Storage  Manager  speed  up  by 
one-third  the  data  transmission 
rate  between  mainframes  and 
storage  devices. 

Pricing  for  the  software  starts 
at  $20,000  for  50  MIPS. 

Interlink:  (510)  657-9800 


Open  File 
Option  pro¬ 
vides  NetWare 
backups. 


nfrastruct 

TCP/IP,  LAN/WAN  Switch  es.  Routers ,  Hubs,  Access  Devices, 
Clients,  Servers,  Operating  Systems,  VPIVs,  Networked  Storage 


OpenVMS  users  fear  the  future 


Compaq  CEO  Eckhard  Pfeiffer  suggested  moving  Open 
VMS  customers  to  Windows  NT,  but  later  backed  off. 


BY  MARC  SONGINI 

Some  users  claim  OpenVMS  is  an 
unloved  stepchild  whose  adop¬ 
tion  by  Compaq  happened  only 
because  it  came  with  the  marriage  to 
Digital. 

Compaq  officials  say  the  company  is 
solidly  behind  the  high-end  Digital  oper¬ 
ating  system.  However,  users  and  ana¬ 
lysts  contend  that  Compaq  has  done 
nothing  to  reverse  an  ongoing  decline  in 
support  and  development  for  OpenVMS. 

Since  the  acquisition  of  Digital  in 
January  1998,  Compaq  has  sent  mixed 
signals  to  the  installed  base  of  10  million 
OpenVMS  users  with  their  450,000  plus 
systems.  Compaq  CEO  Eckhard  Pfeiffer 
initially  suggested  migrating  OpenVMS 
customers  to  Windows  NT.  He  later 
declared  his  commitment  to  OpenVMS. 

The  near-legendary  reliability  of 
OpenVMS  running  on  VAX  or  Alpha 
servers  helped  the  operating  system  win 
widespread  support  at  banks,  stock 
exchanges  and  large  manufacturing 
companies.  However,  support  for 
OpenVMS  began  to  flounder  five  or  six 
years  ago  as  Digital  lost  market  share, 
and  support  worsened  after  the  Compaq 
buyout,  users  say.  These  Digital  diehards 


are  frustrated  by  a  steady  dwin¬ 
dling  of  new  applications,  ven¬ 
dor  support  and  trained  staff  that 
can  operate  an  OpenVMS  net¬ 
work.  While  these  users  have  lit¬ 
tle  interest  in  moving  off  the  reli¬ 
able  old  platform,  they  fear  the 
bell  has  tolled  for  OpenVMS,  and 
apparently  nothing  Compaq  says 
is  changing  their  minds. 

“Compaq  has  put  Digital  users 
in  a  precarious  position,”  says 
David  Graf,  a  staff  specialist  in 
the  IS  department  at  Corian,  a 
unit  of  DuPont  Corp.The  Buffalo, 

N.Y.,  factory  produces  Corian,  a 
synthetic  granite,  and  is  migrat¬ 
ing  off  its  OpenVMS  network. 

“The  users  don’t  know  exactly 
what  the  future  of  OpenVMS  is, 
and  that’s  the  big  thing,”  Graf 
says.  Corian’s  network  consists  of  20 
devices  connected  to  a  VAX  server  that 
monitors  the  manufacturing  process. 
“We  loved  VMS,”  Graf  says. 

Let's  work  this  out 

Yet  Compaq  is  serious  about  support¬ 
ing  its  legacy  users,  says  Rich  Marcello,  a 
vice  president  for  OpenVMS  at  the  com¬ 
puter  maker.  Right  after  the  merger, 


Marcello  says  Digital  executives  made  a 
pitch  to  Compaq’s  top-level  executives, 
including  Pfeiffer,  to  keep  OpenVMS 
going:  “Essentially,  we  got  a  high-level 
commitment  for  VMS  in  the  future  and 
will  continue  to  enhance  it.” 

Compaq  is  plowing  about  $100  mil¬ 
lion  per  year  into  the  development  of 
the  platform,  Marcello  says,  and  the  firm 
See  OpenVMS,  page  18 


Cisco  rolls  out  convergence  gear 


New  wares  aimed  at  blending  voice/data/video  on  campus  nets. 


BY  JIM  DUFFY 

SAN  JOSE  —  Cisco’s  new  conver¬ 
gence  products  are  intended  to  serve 
notice  that  packet  telephony  is  ready 
for  prime  time. 

The  company  has  announced  a 
handful  of  new  products  and  a  service 
program  for  melding  voice,  data  and 
video  over  a  campus  packet  infrastruc¬ 
ture.  Cisco  claims  the  products  can 
help  reduce  user  telephony  equipment 
and  services  costs  and  support  new 
multimedia  applications. 

Among  the  new  products  is  Cisco 
CallManager  2.2,  call-processing  soft¬ 
ware  that  runs  on  a  Windows  NT  serv¬ 
er.  It  supports  up  to  100  users  in  a 
small  or  branch  office. 

Version  2.2  features  enhanced  H.323 
interoperability  and  support  for  the 


Windows  Telephony  API  (TAPI). 

TAPI  enables  the  development  of 
voice  applications  on  the  Windows 
operating  system.  H.323  is  a  standard 
for  running  multimedia  over  packet 
networks. 

CallManager  2.2  also  includes  a 
browser-based  call-attendant  console 
with  drag-and-drop  call  routing;  a  digi- 


w.  #  • 

nwfusion 


See  why  "Keeping  Current"  columnist 
Fred  McClimans  is  skeptical  about  all 
this  convergence  talk. 

More  product  details 

from  Cisco.  .  _  j?cf.  u' . . 


tal  gateway  to  PBXs  or  public  networks 
that  supports  up  to  four  T-ls;  and  a 
voice  mail  system  called  Cisco  Valet. 

The  Rogers  Group,  a  road  construc¬ 
tion  firm  in  Nashville,  Tenn.,  has  had 
CallManager  installed  for  about  a  year. 
The  company  has  35  users  in  three  of 
its  70  sites  conversing  over  a  data  infra¬ 
structure,  according  to  telecom  admin¬ 
istrator  Alan  Perry,  who  says  there  are 
still  some  wrinkles  to  iron  out. 

“It’s  not  the  IP  packet  area  that  has 
had  the  problems,  it’s  been  the  gate¬ 
way  and  talking  to  the  local  exchange 
carrier,”  he  says.  “The  only  pain  I’ve 
really  felt  is  in  [dumbing  down  the 
gateway]  to  speak  on  the  public 
switched  telephone  network.” 

CallManager  2.2  is  free  to  existing 
customers  and  will  be  available  in  May. 
Telephone  and  gateway  licenses  cost 
$125  per  user. 

Another  new  convergence  product 
is  the  VSC2700,  a  voice  switch  con¬ 
troller  for  Cisco’s  Catalyst  8500  LAN 
switches.  The  VSC2700  is  designed  to 
See  Cisco,  page  14 
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IN-SITE:  Lessons  from  Leading  Users 


Georgia  Public  Broadcasting  gets  with  the  ATM  program 


BY  DENISE  PAFPALARDO 

Georgia  Public  Broadcasting  (GPB) 
believes  the  arrival  of  IP  conver¬ 
gence  is  no  longer  a  question,  but 
rather,  simply  a  matter  of  time. 

This  conclusion  has  driven  the 
public  radio  and  television  station 
to  build  a  high-speed  ATM  network  de¬ 
signed  to  handle  data,  voice  and  video. 

As  a  public  broadcasting  company, 
GPB  isn't  used  to  having  a  lot  of 
money  for  its  projects.  But  when  the 
company  moved  into  new  facilities  a 
couple  of  years  ago,  GPB  gave  its  IT 
department  $500,000  to  build  a  cor¬ 
porate  network  that  would  last  well 
into  the  next  century. 

The  station  began  by  wiring  the 
building  with  multimode  fiber-optic 
cable  at  a  cost  of  $250,000.  While  the 
fiber  network  chewed  up  half  the 
project  budget,  the  organization  fig¬ 
ured  fiber  cable  would  provide  a  solid 
infrastructure  for  at  least  15  years. 

The  fiber  infrastructure  is  the  foun¬ 
dation  for  the  new  ATM  network  that 
GPB  started  rolling  out  about  a  year 
ago.  The  organization  previously  ran 
an  FDDI  and  Ethernet  network. 

The  station  chose  ATM  because  it 
deemed  the  technology  best  suited  to 
handling  multiple  protocols  and  high¬ 
speed  multimedia  applications.  While 
GPB  is  in  the  midst  of  migrating  to  an 
all-IP  network  based  on  NetWare  5.0, 
the  need  for  multiprotocol  support  is 
key  because  certain  IPX  and  other 
applications  are  likely  to  be  around 
for  a  while. 

The  network  is  anchored  by  16 
Madge  Networks  Collage  750  ATM 
switches,  which  support  a  batch  of 
servers  and  180  workstations.The  ATM 
network  lets  GPB  deliver  155M  bit/sec 
to  the  desktop  —  plenty  of  bandwidth 
even  for  emerging  multimedia  applica¬ 
tions,  says  Bill  Burson,  the  organiza¬ 
tion’s  assistant  director  of  IT. 

GPB  is  awaiting  tools  from  Madge 


that  will  let  the  com¬ 
pany  monitor  the 
ATM  network’s  per¬ 
formance  via  Hewlett- 
Packard  OpenView, 
says  Burson,  who  is 
part  of  a  three- 
member  team  respon¬ 
sible  for  GPB’s  entire 
network. 

GPB  chose  Madge 
because  the  vendor 
offered  its  products 
at  one-third  of  the  list 
price.  Also,  at  the 
time  of  the  transac¬ 
tion,  Madge  was  the 
only  major  player  supporting  Novell’s 
IPX  protocol,  Burson  says.  The  one 
catch  with  the  Madge  deal  was  that 
GPB  had  to  agree  to  be  a  showroom 
for  the  vendor. 

“It  hasn’t  been  a  problem  at  all,” 
Burson  says.  “Madge  representatives 
were  in  here  half  a  dozen  times  when 
we  first  moved 
in,  and  that’s 
about  it.” 

While  ATM  to 
the  desktop  is 
rare,  Burson’s 
group  decided 
ATM  was  the  only 
technology  that 
would  let  GPB 
send  voice  and 
video  on  the  net¬ 
work  over  which 
all  of  its  data  is 
running.  ATM  has 
proven  standards, 
such  as  Multi- 
Protocol  over 
ATM,  that  let 
users  support 
mixed  protocol 
environments. 

While  technolo- 


Bill  Burson,  GPB's  assistant 
director  of  IT,  says  ATM  is  easier 
to  deal  with  than  it  seems. 


gies  such  as  Gigabit 
Ethernet  are  fast, 
they’ve  yet  to  be 
tested  like  ATM, 
Burson  says. 

Today  the  network 
is  supporting  typical 
applications,  such  as 
Microsoft  Office,  and 
Oracle  database  ap¬ 
plications  used  to 
store  GPB  member 
information. 

But  the  station 
plans  to  begin  run¬ 
ning  video  over  its 
network  by  year- 
end.  GPB  is  considering  hooking  up  a 
Real  Networks  RealVideo  server  to  its 
ATM  network.  Video  applications  on 
tap  include  online  video  editing  and 
the  exchange  of  videos  with  other 
educational  organizations. 

“We  should  be  streaming  video 
internally  instead  of  handling  VHS 


tapes,”  Burson  says.  “But  until  recently, 
video  servers  were  cost-prohibitive 
and  the  quality  wasn’t  good  enough.” 

Burson  is  awaiting  available  bit  rate 
software  from  Madge  that  will  let  GPB 
guarantee  bandwidth  to  desktop  users, 
an  important  consideration  for  time- 
sensitive  applications  such  as  video. 

Next  year,  GPB  expects  to  add  voice 
to  its  ATM  network  traffic  mix.The  orga¬ 
nization  plans  to  attach  its  Mitel  SX2000 
PBX,  which  comes  equipped  with  an 
ATM  interface,  to  the  ATM  net.  The  sta¬ 
tion  figures  it  will  connect  its  voice  sys¬ 
tem  to  its  membership  database  server, 
Burson  says.  This  plan  will  enable 
callers  to  be  identified  by  their  phone 
numbers  and  will  let  GPB  put  mem¬ 
bers’  latest  information  in  the  hands  of 
call  center  agents  more  quickly. 

It  remains  to  be  seen  how  ATM  han¬ 
dles  voice  and  video.  But  to  date,  ATM 
has  proven  to  be  more  stable  and  far 
less  complicated  to  deal  with  than 
people  might  think,  Burson  says,  lai 


Building  bandwidth  for  the  future 

Georgia  Public  Broadcasting's  fiber-based  ATM 
network  now  mainly  supports  data  traffic  between 
clients  and  servers.  But  the  organization  is  planning 
to  move  voice  and  video  across  the  network  as  well. 


Madge  Networks  Collage  750  ATM  switches 


NetWare 

server 


HiimmniuM 


1 55M  bit/sec 


Madge  switches  provide  high  bandwidth 
to  the  desktop,  while  supporting  IPX  and 
IP  protocols  for  the  organization's  Novell 
and  NT  servers,  respectively. 


Workstations 
equipped  with 
Collage  PCI  adapters 

im 


NT  server 


The  organization  is  looking  to  use 
streaming  video  to  the  desktop  to  avoid 
handling  VHS  tapes. 


RealVideo 

server 


Mitel  PBX 
Future  network  plans 


An  ATM  enabled  PBX  will  let 
the  organization  identify  callers 
by  their  phone  numbers. 
Member  information  stored  in 
a  networked  database  can  then 
be  accessed  more  quickly  by 
call  center  agents. 


Cisco, 

continued  from  page  13 

replace  or  off-load  tandem 
PBXs  and  switch  calls  over 
ATM  campus  networks,  met¬ 
ropolitan  area  networks  or 
WANs. 

'Hie  VSC2700,  which  is  a 
result  of  Cisco’s  acquisition  of 
LightSpeed,  interprets  PBX  sig¬ 
naling  to  set  up  ATM  circuits. 
Cisco  plans  to  evolve  this  tech¬ 
nology  to  embrace  packet- 


over-SONET  and  other  trans¬ 
mission  media,  says  Byron 
Henderson,  a  Cisco  marketing 
director. The  VSC2700  is  priced 
according  to  configuration  and 
is  available  this  month. 

Cisco  has  also  rolled  out  the 
multimedia  conference  man¬ 
ager  for  its  MC3810  multi¬ 
service  access  unit.  The  new 
offering  is  intended  to  manage 
H.320  or  H.323  video  band¬ 
width  and  guarantee  quality  of 
service  for  video  on  a  con¬ 


verged  network.  The  multi- 
media  conference  manager 
costs  $6,495  and  is  available 
now. 

Standards  supported 

For  packetized  voice,  Cisco 
unveiled  voice-over-frame  relay 
and  voice-over-IP  software 
enhancements  for  its  2600  and 
3600  series  routers. 

The  software  supports 
Frame  Relay  Forum  standards 
FRF.  11  and  FRF  12  for  multi¬ 


vendor  interoperability  and 
lets  users  bypass  tandem  PBXs 
for  voice  switching. 

For  voice  over  IP,  the  soft¬ 
ware  supports  integrated 
voice  response  and  Remote 
Authentication  Dial-In  User 
Service  features  for  user 
authentication. 

It  is  also  designed  to 
improve  scalability,  Cisco  says. 
The  company  also  unveiled  an 
ISDN  Basic  Rate  Interface 
voice  interface  card  for  the 


2600  and  3600  routers  that 
provides  a  two-channel  BRI 
connection  to  a  PBX. 

Lastly,  Cisco’s  Network 
Implementation  Service  offer¬ 
ing  provides  project  manage¬ 
ment,  engineering,  staging 
and  installation  of  packet  tele¬ 
phony  and  multiservice  cam¬ 
pus  networks. 

Pricing  for  this  service  is 
on  a  per-unit  basis.  The  ser¬ 
vice  is  available  now. 

Cisco:  (408)  526-4000 
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Welcome  to  VPN  Advantage,  the  next  generation  virtual  private  networking 
service  from  GTE  Internetworking,  Anyone  struggling  to  balance  a  teetering 
array  of  business  communications  needs  will  now  find  the  Internet  a  safer, 
more  cost-effective  and  comfortable  place  to  do  business.  A  place  unfettered 
by  staff  or  budget  limitations,  thanks  to  one  of  the  world's  largest,  fastest  and 
most  rigorously  engineered  backbone  networks.  End-to-end  encryption  and 
non-stop  monitoring  assure  you  of  the.  highest  level  of  security  commercially 
available.  Over  600  US  Points  Of  Presence  as  well  as  global  access  deliver  the 
superior  performance  and  reach  your  company  needs.  To  further  ease  your 


mind,  our  Proactive  Service  Guarantees  stand  as  the  ultimate  safety  net. 
The  Internet  is  not  to  be  feared.  It's  to  be  used.  Let  the  architects  of  the 
Internet  show  you  the  way. 

www.internetworking.gte.com  or  800.472.6565 


INTERNETWORKING 


Free  Product  info  enter  NWInfoXpress  #82  online  @  www.networkworld.com/ihfoxpress 
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n  20  years  of  scrutinizing  the  IT  business,  I’ve  seen 
scores  of  technologies  shoot  up  and  burn  brightly 
like  a  Roman  candle,  only  to  quickly  arc  downwards 
and  lose  luster  before  fizzling  completely. 

In  sharp  contrast  to  these  shooting  stars,  VPNs  have 
demonstrated  extremely  rapid  growth  as  well  as  stay¬ 
ing  power  as  strong  as  anything  else  I’ve  seen.  VPNs 
are  here  today  and  they  will  be  around  for  many 
tomorrows. 

Says  who?  At  last  fall’s  Network  World  VPN  semi¬ 
nars,  three  quarters  of  the  attendees  did  not  have  a 
VPN  installed.  But  a  whopping  89%  of  that  group  said 
they  would  install  a  VPN  within  18  months. 

Why  all  this  universal  interest  in  what  is  basically  a 
private  network  carried  over  a  shared  IP-based  back¬ 
bone?  Are  VPNs  right  for  every  site?  Have  early  users 
found  the  cost  savings  all  they  are  cracked  up  to  be? 

You’ll  find  answers  to  these  and  other  VPN  issues  in 
the  pages  of  this  supplement.  You’ll  find  even  greater 
depth  on  VPNs  in  Network  World’s  VPN  ’99  Technical 
Seminar,  which  kicks  off  this  week.  For  more  informa¬ 
tion  on  this  multi-city  VPN  tour,  visit 
www.nwfusion.com/seminars. 

Bill  Laberis 
Project  Manager 


Project  Management:  Bill  Laberis  Associates 
Managing  Editor:  Joyce  Chutchian 
Design:  Top  Dog  Design;  Suzanne  Peterman 


BY  ERIC  ZINES 


Eric  Zines  is  a  VPN  specialist  and  senior 
__  analyst  at  TeleChoice,  Inc.,  in  Boston  Mass. 

■  I  Zines  is  also  the  seminar  leader  of 

■I  NetworkWorld’s  VPN  ’99  Technical  Seminar, 

■  held  in  multiple  cities  starting  this 

||  week.  For  more  information,  visit 

1  www.nwfusion.com/seminars. 

X  ou’ve  heard  all  the  hype  about  cost  savings  and 
virtual  private  networks  (VPNs).  Companies  claim 
to  slash  costs  with  VPN  solutions  and  save  mil¬ 
lions,  or,  even  billions.  It  sounds  great.  But  will  this 
work  for  your  company? 

According  to  a  recent  VPN  market  survey  by  Boston-based 
TeleChoice,  Inc.,  more  than  half  of  the  organizations  that  use 
wide-area  networks  either  have  or  will  be  implementing  a  VPN 
in  the  next  year.  That's  amazing  progress  for  a  technology  that 
most  IT  managers  hadn’t  even  heard  of  just  two  years  ago.  The 
study  found  that  organizations  are  implementing  VPNs  for  one 
or  more  of  the  following  four  goals:  remote  access,  intranets, 
extranets  and/or  electronic  commerce. 

But  why  are  they  flocking  to  VPNs?  For  many,  it’s  cost  sav¬ 
ings.  Most  believe  that  VPNs  can,  indeed,  deliver  savings  over 
other  WAN  technologies.  However,  few  understand  where  the 
savings  actually  come  from. 

THE  VPN  ADVANTAGE 

VPNs  are  frequently  compared  with  the  astronomical  costs  of 
leased  line  solutions  and  even  comparatively  reasonable  frame 
relay  prices  (see  Figure  1).  The  big  question:  Are  the  savings 
claims  accurate,  or  wildly  exaggerated? 

The  true  advantage  of  VPNs  comes  in  the  inherently  fully 
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meshed  nature  of  IP.  VPNs  also  deliver  savings  over  tradi¬ 
tional  WAN  services  in  the  area  of  international  connectivity. 
Fifty-one  percent  of  organizations  with  international  data 
connectivity  needs  are  considering  VPNs  as  a  way  to  cut  costs. 
TeleChoice  estimates  that  international  VPNs  can  deliver  sav¬ 
ings  as  high  as  90%  over  leased  line  solutions. 

In  truth,  most  VPNs  are  not  implemented  to  replace  WANs 
based  on  traditional  technologies.  According  to  the 
TeleChoice  study  only  about  6%  of  organizations  with  VPNs 
rely  on  them  exclusively.  The  majority  of  IT  managers  view 
VPNs  as  being  incremental  to  existing  WANs,  at  least  for  now. 
Many  are  using  the  new  technology  to  achieve  only  a  single 
objective  such  as  remote  access,  global  connections,  or 
extranet  connectivity,  typically  because  these  are  seen  as  tar¬ 
gets  for  immediate  savings. 


MASTER  OF  YOUR  OWN  DOMAIN? 

Assuming  you’ve  made  the  decision  to  take  the  VPN  plunge, 
one  of  the  key  decisions  that  directly  impacts  the  level  of  sav¬ 
ings  is  whether  or  not  to  outsource  the  network. 

Service  providers  now  deliver  packaged  or  custom  VPN 
solutions,  complete  with  design,  integration,  configuration, 
installation,  management,  monitoring,  support,  reporting, 
and  performance  guarantees.  Organizations  who  have  imple¬ 
mented  do-it-yourself  VPNs  are  now  flocking  to  fully  man¬ 
aged  solutions.  IT  managers  site  three  main  reasons: 
Unforeseen  hassles  and  expenses  with  do-it-yourself  VPNs; 
desire  for  service-level  agreements  and  accountability;  and 
limited  scalability  of  the  do-it-yourself  solution. 

The  single  most  important  factor  contributing  to  these 
issues  is  VPN  management.  Specifically,  dealing  with  the  gen¬ 
eration,  distribution,  and  refreshing  of  encryption  keying 
material.  To  prevent  anyone  from  intercepting  and  using  your 
data,  it  is  necessary  to  update  encryption  keys  frequently.  If  a 
single  key  is  used  for  an  extended  length  of  time  and  that  key 
is  at  some  point  compromised,  all  of  the  communications 
encrypted  with  that  key  are  at  risk. 

Key  management  is  not  a  major  issue  for  small  networks. 
As  VPNs  grow,  however,  the  task  becomes  more  complex.  A 
properly  secured  network  includes  unique  key  pairs  for  each 
potential  pair  of  communicating  parties.  So  as  more  nodes  or 
users  are  added,  the  workload  increases  exponentially 

To  avoid  this,  the  key  management  process  is  automated 
through  the  use  of  centrally  managed  digital  certificates  or 
Public  Key  Infrastructures  (PKI).  PKIs  significantly  reduce 
the  management  burden  associated  with  key  management  in 
VPNs  by  automating  user  setup,  key  distribution,  and  rekey- 


WAN  Price  Comparison  (Figurei) 

This  chart  summarizes  the  costs  for  implementing  a  new  WAN  that  is  based 
on  leased  lines,  frame  relay  and  managed  VPN  services.The  example  is  based 
on  a  15-node  network,  one  of  which  is  a  headquarters  location.  We  assumed 
that  this  main  site  would  require  aTI,  and  the  outlying  sites  would  implement 
56K  circuits.  Industry  midpoint  pricing  is  used  in  all  cases. 


Leased  Lines 

Frame  Relay 

Managed  VPN 

Monthly  Line  Charges 

$18,530 

$9,642* 

$12,245** 

CPE  Monthly 

Management  Fee 

$3,300 

$3,300 

N/A  or  $0 

Total  Monthly  Cost 

$21,830 

$12,942 

$12,245 

One  Time  Equipment  Cost 

$33,950 

$33,950 

$0 

First  Year  Cost 

$295,910 

$189,254 

$146,940 

*  32Kbps  Frame  Relay  CIR  PVCs  in  each  direction 

**  VPN  Pricing  includes  loops,  port,  equipment  lease,  and  management _ 

Other  Assumptions; 

» Private  line  costs  assume  500-mile  distance  average  and  "wagon  wheel"  style  network 

•  Frame  relay  costs  assume  a  "wagon  wheel"  network  configuration  (3  PVCs  per  remote 
site) 

• Installation  charges  apply  in  all  scenarios,  but  are  not  reflected  here 

ing.  Most  vendors  now  include  support  for  PKI  and  digital 
certificates  with  their  VPN  offerings.  Establishing  an  in-house 
PKI  or  digital  certificate  solution  may  involve  additional  up¬ 
front  costs,  but  in  the  long  run,  the  payback  is  well  worth  the 
investment. 

If  the  idea  of  managing  VPN  keys  or  implementing  PKI 
appears  to  be  overly  complex,  then  managed  VPN  solutions 
may  be  appropriate  for  you.  Outsourcing  VPNs  means  placing 
these  responsibilities  on  your  service  provider,  who  should 
have  the  expertise  and  resources  to  deal  with  these  issues.  Be 
aware,  however,  that  there  are  varying  degrees  of  “manage¬ 
ment”  offered  by  different  service  providers.  Read  the  fine 
print  carefully  to  understand  what  the  carrier  will  take  on  and 
what  you  will  be  responsible  for. 

VPN  management  is  only  one  component  of  the  ultimate 
build-or-buy  decision.  As  with  any  IT  decision,  cost  always 
weighs  heavy  on  the  outcome.  For  example,  assume  that  you 
have  a  simple  network  consisting  of  one  headquarters  site  and 
four  smaller  branch  sites.  You  want  to  connect  them  with  an 
Internet-based  VPN  using  T1  connectivity  at  headquarters  and 
56K  circuits  for  the  smaller  branches.  Assuming  industry  aver¬ 
age  pricing  for  all,  you  need  to  compare  the  first  year  costs  of 
the  do-it-yourself  and  outsourcing  approaches  (see  Figure  2). 

SECURITY 

Also,  keep  in  mind  that  while  you  may  gain  in  simplicity  and 
cost  savings,  outsourcing  may  reduce  the  level  of  control  that 
you  personally  have  over  your  organization’s  data  security.  For 
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ADC  KENTROX  Frame  Relay  SLA  Monitoring. 

Because  guesswork  isn't  in  your  job  description 


SPECIAL  OFFER 


FrameVision  Starter  Kit 

www.kentrox.com/starterkit 


You  have  to  pinpoint  and  evaluate  problems  with 
your  Frame  Relay  network.  That's  a  tough  job  when  you  have 
absolutely  no  information  to  work  with.  But  now,  Frame  Relay  SLA 
monitoring  from  ADC  Kentrox  takes  the  guesswork  out  of  managing  your 
network.  And  with  the  FrameVision™  Starter  Kit,  you  can  take  your  first 
look  at  what's  really  going  on  with  your  WAN  traffic — risk-free! 


Order  the  FrameVision  Starter  Kit  by  July  31,  1999,  and  you  can  start  to 
monitor  your  Frame  Relay  SLA.  Try  this  special  offer,  priced  at  $2,295 
— and  save  an  additional  $150  if  you  order  by  May  31,  1999. 


For  more  information  call  1-800-733-5511  or  visit  www.kentrox.com/starterkit 
Or  call  your  ADC  Kentrox  reseller  today  to  place  an  order  (Model  #72601). 


It's  the  risk-free  way  to  see  what  you  need  to  make  smart  network  decisions. 


Redefining  Network  Access 


Free  Product  info  enter  NWInfoXpress  #84  online  @  www.networkworld.com/infoxpress 
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VPN  Build  or  Buy  (Figure?) 


Do  it  Yourself  Cost 

Outsourced  Cost 

VPN  Service  Cost  -T1  Site 

N/A 

$  3,145/month 

VPN  Service  Cost  -  56K  Site 

N/A 

$  650/month 

T1  Connectivity  (Local  +  Port) 

$2,500/month 

Included  in  Service  Cost 

56K  Connectivity  (Local  +  Port) 

$500/month 

Included  in  Service  Cost 

Capital  Equipment  T1  Site 
(Assume  standard  router  and  VPN  gateway) 

$10,000 

Included  in  Service  Cost 

Capital  Equipment  56K  Site 
(assume  standard  router  and  VPN  gateway) 

$4,500 

Included  in  Service  Cost 

Solution  Design 

(Assume  1  $100K/yr  Headcount  for  3  months) 

$25,000 

included  in  Service  Cost 

Testing  and  Installation 

(Assume  1  $100K/yr  Headcount  for  1  Month) 

$8,300 

$5,000/T1  site,  $3,000/56K  sites 

Ongoing  Management 
(Assume  2  $80K/yr  headcount) 

$160,000 

Included  in  Service  Cost 

Ongoing  Administration 
(Assume  1  $80K/yr  headcount) 

$80,000 

$80,000 

Solution  First  Year  Total 

$355,300 

$165,940 

Subsequent  Years 

$294,000 

$148,940 

many  security-conscious  companies 
this  is  simply  unacceptable,  which  justi¬ 
fies  the  added  expenses  of  in-house 
VPNs. 

If  you’re  new  to  data  security  and 
have  no  concept  of  how  to  even  guess  at 
what  “appropriate  security”  may  be, 
you’re  not  alone.  Whether  your  imple¬ 
menting  a  VPN  yourself  or  outsourcing 
the  task  to  a  service  provider,  a  success¬ 
ful  VPN  begins  with  a  well-defined 
security  policy.  Don’t  skimp  in  this  area. 

Hire  an  objective  professional  security 
consultant  to  review  your  needs  and 
help  develop  your  security  policies.  It 
may  add  to  your  overall  costs,  but  it’s 
well  worth  it  in  the  long  run. 

One  of  the  most  worthwhile  invest¬ 
ments  for  improving  VPN  management 
is  to  integrate  it  with  your  existing  IT 
infrastructure.  Ask  yourself  the  follow¬ 
ing  questions:  Can  the  VPN  manage¬ 
ment  console  be  integrated  with  your 
existing  network  management  environ¬ 
ment?  Can  user  profiles  be  integrated 
with  existing  corporate  directories  or 
Network  Operating  Systems?  What  has 
to  be  done  to  existing  client  computers 
before  they  can  participate  in  the  VPN? 

The  answers  will  help  you  gauge  the  effort  involved  in  VPN 
integration. 

THE  SOFT  SELL 

The  real  benefits  of  VPNs  come  in  the  form  of  improved  com¬ 
munications,  organizational  efficiencies  and  tighter  relation¬ 
ships  with  customers  and  partners.  Here  are  some  of  the  most 
common  goals  of  respondents:  Increase  productivity; 
improve  communications;  decrease  IT  costs;  streamline  busi¬ 
ness  processes;  improve  employee  satisfaction;  and  improve 
customer  relationships. 

The  problem  is,  how  do  you  quantify  these  benefits  before 
they've  actually  occurred?  How  do  you  put  a  dollar  figure  on 
productivity  gains  that  can  be  realized  through  telecommut¬ 
ing  or  remote  access  to  corporate  information  resources? 
What  is  it  worth  to  your  company  to  have  instant  access  to 
data  from  your  business  partners  and  suppliers? 

The  only  way  to  answer  these  and  other  questions  is  to 


involve  your  users  early  on.  A  VPN  is  only  part  of  an  overall  IT 
strategy.  Talk  to  your  users.  Find  out  ways  of  addressing  their 
needs,  and  how  you  can  solve  them.  The  big  question:  Are  the 
savings  claims  accurate,  or  wildly  exaggerated?  When  you 
know  what  you  need,  talk  to  your  vendors  and  service 
providers.  Gather  pricing  quotes  for  VPN  services  and  prod¬ 
ucts  that  appeal  to  you.  Use  this  real-life  data  to  build  your 
own  business  case,  but  don't  forget  to  include  estimates  for 
those  soft-dollar  benefits. 

The  chances  are  good  that  VPNs  can  save  your  company 
money  when  compared  with  other  WAN  alternatives.  And 
you’ll  most  likely  be  happy  with  the  decision  to  implement  a 
VPN.  Over  90%  of  the  TeleChoice  VPN  Market  Study  respon¬ 
dents  said  they  were  either  “satisfied”  or  “very  satisfied”  with 
their  VPN  solutions.  You  can’t  argue  with  that. 

Eric  Zines  can  be  reached  via  e-mail  at: 
ezines@telechoice.  com. 
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ARE  VPNs  RIGHT  FOR  YOU? 


Even  the  most  clever,  malicious, 
code-cracking  criminals  in 
cyberspace  have  met  their  match. 
RedCreeks  Ravlin®  family  of 
products  enable  secure  data 
transmission  over  any  kind  of 
IP  network.  Installation  and 
administration  is  easy.  Network 
performance  remains  at 
optimum  speeds.  And  Ravlin 
products  fit  comfortably  into  your 
budget.  Call  888-745-3900  for 
your  free  copy  of  “Delivering 
Trusted  Networks”  and  find  out 
how  simple  it  is  to  foil  the  felons. 


Come  see  us  at 

Networld+ Interop  '99 

in  Las  Vegas 

Booth  #6601 


O 

RedCreeic 


www.redcreek.com 


Free  Product  info  enter  NWInfoXpress  #80  online  @  www.networkworld.com/infoxpress 


STEVE  KORMES 


Advertising  Supplement 


o  one  ever  said  networking  was  easy.  Administration, 
monitoring  and  troubleshooting  can  rapidly  con¬ 
sume  limited  technical  staff  resources.  And  with  crit¬ 
ical  issues  like  Y2K  and  E-commerce  on  their  plates, 
many  IT  departments  are  ready  to  let  go  of  their  net¬ 
working  responsibilities. 

That’s  why  Roy  Milano,  manager  of  MIS  at  Purchase,  N.Y.- 
based  Hitachi  Metals  America  Ltd.,  began  shopping  for  a  fully 
managed  network  solution  last  summer.  “We  were  tired  of 
spending  all  day  babysitting  routers,”  he  admits.  “It’s  much 
more  important  for  a  small  team  like  ours  to  focus  on  strate¬ 
gic  applications  work.” 

Milano  had  several  key  considerations  in  his  request  for 
proposal.  One  was  that  he  didn’t  want  to  have  to  pay  a  lot  for 
his  customer  premises  equipment  (CPE).  He  also  needed 
strong  service-level  agreements,  since  he  was  giving  his  vendor 

complete  charge  over 
his  network’s  health. 
And  he  was  looking  for 
someone  who  could 
provide  him  with  addi¬ 
tional  bandwidth  on 
demand. 

“We  want  to  do 
videoconferencing,  but 
we  don’t  want  to  have  to 
pay  for  all  that  band¬ 
width  when  we’re  not 
using  it,”  Milano  says. 

The  service  provider 
that  met  all  of  Milano’s 
requirements  was  Cu¬ 
pertino,  Calif. -based  Concentric  Network  Corp.  Its  proposal  was 
particularly  strong  in  the  bandwidth-on-demand  department. 
“Most  of  the  other  vendors  only  bring  a  fractional  T1  out  to  your 
location  when  they’re  supplying  128Kbps,  which  limits  their 
ability  to  scale,”  he  explains.  “Concentric  brought  out  full  Tls.” 

Because  of  the  cost-efficiencies  of  VPN  technology, 


Roy  Milano,  manager  of  MIS  at  Hitachi  Metals 
America  Ltd. 


BY  LENNY  LI  EB  M  AN  N 


Managed  VPN  makes 
hassle-free  networking  for 
Hitachi  Metals  America 

Concentric  was  also  able  to  meet  Hitachi’s  demands  for  mini¬ 
mal  CPE  charges.  Other  vendors  wanted  to  charge  $700  per 
month  for  routers  plus  another  $250  per  month  to  manage 
them.  As  a  result,  Milano  was  able  to  network  his  15  locations 
throughout  the  United  States  with  128Kbps  (with  headquar¬ 
ters  getting  a  full  T1  and  one  facility  running  at  256Kbps)  for 
$2,000  less  per  month  than  his  previous  configuration.  That 
additional  bandwidth  means  less  congestion  and  the  ability  to 
support  key  business  applications.  “Plus,  we’ve  been  com¬ 
pletely  relieved  of  all  the  management  burdens,”  he  adds. 

Implementation  took  about  three  months.  And  Milano  got 
the  SLAs  he  needed.  Covered  in  the  agreement  are  network 
uptime  requirements,  end-to-end  latency  thresholds  and  a 
guaranteed  four-hour  on-site  repair  response  time. 

Milano  is  adding  remote  access  services  to  his  managed 
VPN  contract.  Concentric  will  handle  all  security  functions 
and  aggregate  traffic  onto  Hitachi’s  existing  Internet  connec¬ 
tion.  “That  way,  we  don’t  have  to  hassle  with  things  like 
modem  pools  and  RADIUS  servers,”  he  says. 

Milano  sees  VPNs  as  an  ideal  medium  for  extranet  connec¬ 
tivity  -  an  important  consideration  as  more  and  more  manu¬ 
facturers  seek  to  implement  electronic  supply-chain  manage¬ 
ment.  Most  importandy,  Milano’s  six-person  team  is  now  free 
to  focus  all  their  efforts  on  strategic  business  initiatives.  “We 
haven’t  seen  any  downside  at  all  to  the  managed  VPN  solution 
so  far,”  Milano  says.  “We  have  a  very  reliable  and  flexible  net¬ 
work  in  place  that’s  performing  to  our  satisfaction  -  and  we’ve 
gotten  out  of  the  business  of  managing  routers.” 

Lenny  Liebmann  is  a  highlands  N.J.-based  consultant  and 
writer  specializing  in  the  technology  and  business  of  network¬ 
ing  and  electronic  commerce. 
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i-Key  is  a  portable  security  token 
that  delivers  strong  two-factor 
authentication.  It  protects  access  to 
e-commerce,  VPNs  and  corporate 
intranets,  and  fits  all  standard 
USB  ports.  i-Key  works  with  both 
CryptoSwift  and  NetSwift  to  enhance 
network  security  and  performance. 


The  i-Key™  security  token  ensures 
secure  network  access.  It  uses  its 
cryptographic  processor  and  memory 
for  strong  two-factor  authentication 
that  guards  and  protects  access  to 
corporate  intranets  and  VPNs  as  well 
as  e-commerce  on  the  Internet. 

i-Key  is  universal.  Because  it’s 
designed  for  USB  ports,  i-Key  is 
compatible  with  all  popular  comput¬ 
ing  platforms,  standard  Internet 
protocols  and  security  protocols. 

It  also  meets  current  authentication 
standards. 

i-Key  is  simple  to  use.  Just  insert 
it  into  a  computer’s  USB  port  and 
enter  a  PIN  number.  If  the 


The  NetSwift 
accelerator  card 
reads  encrypted  data 
from  i-Keys  and  other 
devices  at  line  speeds 
(unlike  servers),  to  grant 
faster  authorized  access 
through  firewalls  and  gateways. 


authentication 
server  doesn’t 
recognize  both, 
it  denies  access. 

i-Key  is  small 
and  portable.  Users  can 
securely  access  networks 
from  anywhere  in  the  world. 

i-Key  is  inexpensive.  It’s  a  cost- 
effective  security  tool  that  adds  value 
to  your  products. 

And,  when  used  with  NetSwift™ 
and  CryptoSwift™  accelerator  cards, 
i-Key  becomes  part  of  Rainbow 
Technologies’  comprehensive 
solution  for  increasing  network 
security  and  performance. 


NetSwift  VPN  crypto¬ 
graphic  accelerator  card 

NetSwift  provides  VPN  crypto¬ 
graphic  acceleration  for  gateways, 
firewalls  and  other  devices  at  line 
speeds.  Off-loading  this  processing 
to  NetSwift  frees  the  server  for 


Whenever  someone 
logs  onto  a  network, 
the  CryptoSwift  accelerator 
card  looks  for  the  ID  data 
on  an  i-Key  or  other  device  and 
swiftly  allows  or  denies  access. 


CryptoSwift  public-key 
cryptographic  accelerator  card 

In  applications  like  e-commerce, 
CryptoSwift  products  remove  the 
encryption  burden  from  the  server, 
processing  up  to  600  transactions 
per  second.  This  improves  server 
response  time  up  to  90%  while 
improving  server  capacity  tenfold. 


As  the  leader  in  security  technology, 
Rainbow  Technologies  helps  you 
add  more  value  to  your  products. 


For  more  information, 
visit  our  Web  site: 
http://i-key.rainbow.com 


greater  VPN  performance. 
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Early  VPN  adopters  face  the  challenges  of  sorting  out 
the  right  strategies  to  meet  corporate  goals 


BY  JEFFREY  KAPLAN 

s  organizations  become  more  geographically  dispersed  and  their  workforces  become 
more  mobile,  providing  anywhere/anytime’  access  is  a  business  imperative.  Accommodating  these 
requirements,  along  with  the  demands  of  electronic  commerce  and  network-connected  supply  chains, 
has  forced  organizations  to  seek  ways  to  reduce  communication  expenses  throughout  their  enterpris¬ 
es.  These  trends  have  been  key  drivers  behind  the  rapid  growth  in  Virtual  Private  Networks  (VPNs). 


With  an  explosion  in  VPN  products  and  services,  organizations 
now  face  the  challenge  of  sorting  out  the  right  ‘build  vs.  buy1 
strategy  to  meet  their  corporate  objectives. 

One-third  of  the  workforce  in  the  U.S.  depends  on  remote 
access  to  perform  their  jobs,  and  that  percentage  is  expected 
to  increase  rapidly,  according  to  Gartner  Group,  Inc.  The  elec¬ 
tronic  commerce  market  is  expected  to  grow  from  $43  billion 
in  1998  to  $1.3  trillion  in  2003,  according  to  Forrester 
Research  Inc.  As  a  result,  Infonetics  Research  forecasts  that 
the  VPN  market  will  grow  from  $205  million  in  1 997,  to  $  1 1 .9 
billion  in  2001. 

As  one  participant  of  a  recent  International  Network 
Services  (INS)  survey  put  it,  “VPNs  are  very  important  in 
making  a  spread-out  organization  connected.  Being  able  to  sit 
anywhere  connected  to  the  Internet  and  log  in  to  your  local 
network  is  a  huge  benefit.” 

AN  EARLY  ADOPTER  VIEWPOINT 

In  the  fall  of  1998,  Sunnyvale,  Calif.-based  INS  conducted  an 
industry  survey  to  assess  how  early  adopters  of  VPNs  were 
addressing  this  new  capability.  The  goal  was  to  help  end- 
user  organizations,  vendors,  and  service  providers  deter¬ 
mine  the  most  effective  approaches  for  implementing  and 
managing  VPNs. 

The  research  found  organizations  that  were  adopting  VPN 
strategies  had  three  connectivity  goals:  connect  with  mobile 
workers;  establish  an  extranet  with  business  partners;  and 
improve  branch  office  connectivity  (see  Figure  1).  These  con¬ 


nectivity  goals  are  the  drivers  behind  three  equally  important 
business  objectives:  reduce  network  costs;  improve  remote 
access  control;  and  improve  network  capabilities  (see  Figure  2). 

Overall,  85%  of  the  organizations  surveyed  were  satisfied 
with  their  VPN  capabilities  and  the  VPN  products  currently 
available.  The  research  also  found  that  the  early  adopters  of 
VPN  technologies  and  services  were  generally  happy  with 
their  design,  deployment,  management,  and  maintenance 
capabilities.  However,  nearly  90%  of  the  survey  participants 
felt  they  could  improve  their  VPN  capabilities. 

STRUCTURE  AND  SECURITY 

Of  the  respondents  without  VPNs,  half  said  they  were  consid¬ 
ering  an  internal  VPN,  and  half  were  considering  an  external 
VPN  service.  More  than  half  of  all  respondents  said  the  most 
frequently  implemented  type  of  VPNs  were  IP-based  tunnels 
between  sites  that  run  over  the  public  Internet  infrastructure. 
The  vast  majority  of  VPNs  (78%)  had  implemented  encrypt¬ 
ed  IP  protocols,  although  other  types  are  also  used  with  some 
regularity. 

VPN  CONNECTIVITY  GOALS 

Remote  Access  for  Mobile  Workers _ 


74% 


Extranet  or  Business  Partners  with  Privileged  Access 


69% 


Branch  Office  Connectivity 


61% 


Other 

■  3%  Figure  1 
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WORLDWIDE  LEADER  IN  SECURE  ENTERPRISE  NETWORKING 
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WHO  HAS  THE  MOST 

VPN 

EXPERIENCE? 


Check  Point. 

With  more  than  15,000  VPN  installations 
and  millions  of  remote  VPN  users. 


As  the  market  leader  in  virtual  private 
networking.  Check  Point  offers  the  industry’s 
most  comprehensive  software  &  hardware 
solutions  for  deploying  remote  client-to-site 
and  site-to-site  VPNs 

Check  Point's  VPN-I  product  family  enables 
you  to  leverage  the  internet  to  extend 
your  corporate  network  to  remote  offices 
mobile  workers  key  business  partners  and 
customers  -  all  while  protecting  the  privacy  of 
your  data  VPN-I  allows  you  to  establish  and 
deploy  a  single  enterprise-wide  policy  that 
encompasses  network  security,  traffic  control 
and  VPN  capabilities  Support  for  industry 
standard  encryption,  key  management 
protocols  and  x509  public  key  irrfrastuctures 
ensures  interoperability  with  partners  or 
multi-vendor  VPN  installations.  And  our 
centralized,  policy-based  management  letsyou 
control  it  all  from  a  central  point 


Check  Point’s  VPN-I  solutions  tightly  integrate 
advanced  VPN  technology  with  FireWallT  and 
FloodGate-T  enabling  unparalleled  performance 
scalability  and  flexibility  VPN-I  is  a  comprehensive 
suite  of  products  which  includes: 

•VPN-I  Gatewty  software 
•VPN-I  Appliances 

•  VPN-I  SecuRemote  clients 

•  VPN-I  Certificate  Manager 

•  VPN-I  Accelerator  Card 

All  of  our  products  are  backed  ty  an  exper¬ 
ienced  professional  services  group  and  24x7 
worldwide  customer  support 

Experience  counts.  At  Check  Point  we  have 
real  solutions  right  now.  Check  out  our  VPN 
white  paper  at  www.checkpoint.com/vpn 


■  Network  Security 

■  Traffic  Control 

■  IP  Address  Management 

■  OPSEC  Alliance 

■  Integrated  Policy  Management 
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Most  VPNs  in  current  use  among  survey  respondents  have 
network  perimeter  firewalls  with  VPN  capability  and/or 
remote  client  VPN  software.  Firewall-to-firewall  VPN  capabil¬ 
ity  is  also  common.  These  are  also  the  top  three  elements 
planned  for  implementation  over  the  next  six  months.  The 
VPN  elements  rated  most  important  were  encryption  capabil¬ 
ity,  remote  client  VPN  software,  firewall-to-firewall  VPN  capa¬ 
bility  (includes  intranets)  and  IPSec  (IP  V6  encryption). 

However,  security  issues  continue  to  concern  many  poten¬ 
tial  VPN  users. 

TURNKEY  VPN  SERVICES 

Turnkey  or  packaged  VPN  solutions  have  become  a  major  ini¬ 
tiative  of  service  providers.  VPNs  represent  the ‘Centrex’  service 
opportunity  of  the  new  millennium.  Although  only  15%  of  the 
survey  participants  are  using  a  turnkey  VPN  service,  most  said 
they  are  satisfied  with  that  service,  and  another  35%  of  respon¬ 
dents  are  considering  a  turnkey  VPN  service  for  the  future.  This 
is  a  strong  start  for  a  relatively  untested  technology. 

With  nearly  all  the  major  and  emerging  service  providers 
offering  VPN  solutions,  sorting  out  the  alternatives  and 
selecting  a  service  best  suited  to  meet  an  organization’s  needs 
is  a  difficult  task.  Survey  respondents’ key  criteria  for  selection 
was  the  proven  technical  capabilities,  service  level  guaran¬ 
tees/penalties  for  poor  performance,  vertical  market  experi¬ 
ence,  and  problem  reporting  capabilities  of  the  service 
providers. 

CHALLENGES  AND  BARRIERS 

It  is  important  to  note  that  despite  the  early  success  of  VPNs, 
fitting  the  right  solution  to  your  corporate  needs  is  not 
straightforward.  In  fact,  INS  survey  participants  recognize 
that  organizational  and  managerial  issues  are  as  significant 
technological  challenges. 

While  three-quarters  of  INS’  survey  respondents  were  sat¬ 
isfied  with  currently  available  VPN  products,  nearly  half  said 
inadequate  product  capabilities  (versus  business  require¬ 
ments)  is  still  the  greatest  barrier  to  improving  their  VPN 
capabilities.  Another  third  of  the  survey  participants  identi¬ 
fied  staff  training  and  justifying  the  costs/benefits  of  VPNs  to 
upper  management  were  additional  barriers. 

Organizations  who  have  said  they  need  help  implementing 
or  enhancing  their  VPNs  are  looking  for  assistance  in  design 
and  vendor  selection,  planning  and  technology  recommenda¬ 
tions,  implementation  and  operations.  Uncertainties  about 
VPN  cost-savings  are  also  a  concern. 


Most  Important  Business  Objectives  of  VPNs 
Driving  Deployment  of  Company  VPN 
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Figure  2 


ASSESSING  THE  ALTERNATIVES 

There  is  no  question  VPNs  are  becoming  a  viable  networking 
strategy  for  companies  to  improve  their  networking  capabili¬ 
ties  and  remote  access  security,  as  well  as  reduce  networking 
costs.  With  initial  satisfaction  levels  high,  rapid  growth 
appears  to  be  inevitable.  However,  organizations  should  not 
assume  that  VPNs  are  right  for  them  without  thoroughly 
understanding  their  networking  needs  and  capabilities. 

To  make  this  assessment,  an  organization  should  evaluate 
its  current  and  future  network  traffic  patterns.  The  evaluation 
should  include  volume,  content,  origination,  and  destination 
information  that  can  help  determine  future  infrastructure 
and  skills  requirements.  These  requirements  obviously  trans¬ 
late  into  budgetary  requirements,  which  should  be  matched 
against  the  promised  cost-savings  of  a  VPN.  Here  is  where 
things  get  complicated.  With  a  multitude  of  new  VPN  tech¬ 
nologies  and  services  hitting  the  market,  getting  a  clear  indi¬ 
cation  of  up  front  and  secondary  costs  of  a  VPN  may  take 
some  time.  Product  and  carrier  service  pricing  schedules  are 
changing  quickly. 

So  if  your  organization  decides  to  build  its  own  VPN,  you 
should  select  product  vendors  who  sell  devices  that  fit  your 
network  architecture  and  can  be  supported  by  their  staff 
resources.  If  you  choose  to  use  VPN  service  providers,  you 
should  look  for  solutions  that  match  your  business  require¬ 
ments  from  a  network  reliability,  geographic  coverage,  securi¬ 
ty  protocol  and  billing  system  perspective.  In  either  case,  the 
arguments  for  adopting  a  VPN  strategy  are  becoming  increas¬ 
ingly  compelling. 

Jeffrey  Kaplan  is  the  Director  of  Strategic  Marketing  of 
International  Network  Services  (INS)  based  in  Sunnyvale, 

Calif  He  can  be  reached  at  jeff_kaplan@ins.com. 
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A  roundtable  interview  with 


You’re  curious  about  VPNs,  but  you 
don’t  know  where  to  start.  Well,  you’re 
not  alone.  We  interviewed  three  VPN 
pioneer  users  to  find  out  their  firsthand 
experience  with  VPNs.  The  result  is 
advice  you  can  build  your  business  on. 


SIMON  EGGINGTON 

is  Information  and  Technologies 
Manager  for  Aristocrat,  Inc.  a 
Sydney,  Australia-based  multina¬ 
tional  concern.  Eggington,  who 
works  in  the  company’s  U.S. 
headquarters  in  Reno,  NV,  says 
his  end-users  didn’t  have  to  learn 
anything  new  to  reap  the  benefits 
of  his  VPN. 


LOUIS  GARY,  Network 
Manager  for  Hamilton 
Beach/Proctor-Silex,  Inc.  in 
Glenn  Allen,  VA,  tossed  out  his 
modems,  put  in  a  VPN,  and 
never  looked  back. 


BILL  CLASPE,  Director  of 
Franchise  Systems  for  AFC 
Enterprises  in  Atlanta,  GA,  has 
wired  together  hundreds  of 
restaurants  all  over  the  county. 
His  VPN  has  already  saved  the 
company  a  lot  of  money  and 
improved  access  to  key  infor¬ 
mation  resources. 


Qtell  us  about  the  business 

NEED  BEHIND  YOUR  VIRTUAL 
PRIVATE  NETWORK. 

■  EGGINGTON:  We  are  a  multinational  company  and  we 
are  also  in  the  gaming  industry.  There  is  a  great  deal  of  need 
for  security,  not  only  because  of  potential  corporate  espi¬ 
onage,  but  also  because  of  the  restrictions  put  on  by  the  gam¬ 
ing  regulators  of  each  state. 

We  wanted  a  fast,  secure  means  of  linking  our  sites,  and 
also  a  secure  means  for  people  in  the  field  to  dial  up  and  get 
access  securely  to  e-mail,  files  or  on-line  business  solutions. 
■  GARY:  We  used  to  use  a  dial  up  bank  of  modems,  and  we 
had  the  issue  of  the  modem  technology,  both  at  the  main 
office  at  the  remote  portable  systems,  which  has  to  be  main¬ 
tained.  With  the  advent  of  the  Internet  we  started  to  have  Web 
site  and  Web  site-based  information  sources.  We  chose  to  use 
a  VPN  to  not  only  get  rid  of  the  modem  technology,  the 
modem  bank  here  in  the  central  office,  but  also  to  allow  for 
the  Internet-based  access  for  information. 

■  CLASPE:  We  actually  installed  the  VPN  for  two  different 
reasons.  First,  we  built  an  extranet  to  support  our  franchise 
community.  We  are  a  restaurant  franchising  organization;  we 
have  five  different  restaurant  brands  and  about  450  fran¬ 
chisees  out  there.  We  changed  our  traditional  field  support 
model  into  a  combination  of  a  help  desk  support  and  an 
extranet  support  model.  So  end-users  can  call  the  help  desk 
during  regular  business  hours  to  get  information,  and  they  can 
go  to  the  extranet  to  not  only  get  documents  that  used  to  be 
delivered  on  paper,  but  also  processes  that  used  to  be  manual. 

Qcan  you  describe  the 

TECHNOLOGY  BEHIND  YOUR  VPNS? 

■  SIMON:  We  went  with  RADGUARD  [Mahwah,NJ].  RAD- 
GUARD  uses  IP  Filtering  and  Tunnel  Mode  IPSec,  which 
involves  a  combination  of  implementing  a  routed  network 

*For  a  complete  transcript  and  RealAudio  version,  point  your 
browser  to  www.nwfusion.com 
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topography  and  security  policy.  It  is  also  a  VPN  and  a  firewall 
in  a  single  unit,  which  was  important  to  us. 

■  GARY:  We  chose  to  use  the  RedCreek  Communications 
[Newark,  Calif.]  hardware-based  VPN  solution.  It  is  a  combi¬ 
nation  of  the  hardware  access  security  box  in  our  network  in 
the  office  here,  and  then  a  client  piece  that  resides  on  each  of 
the  remote  PC  laptop  systems.  We’ve  also  recendy  set  up  a 
supplier  on  the  other  side  of  the  world.  The  supplier  uses  the 
same  technology  to  get  into  my  system,  access  our  main  cor¬ 
porate  network,  and  process  inventory  movements.  The  hard¬ 
ware  approach  that  we  took  represents  an  easy  step  into  VPNs 
and  fairly  simple  configuration.  It  didn’t  require  us  to  get  the 
end-users  involved  or  force  them  to  learn  much  about  how  the 
system  works. 

■  CLASPE:  We  went  with  VPNet.  [VPNet  Technologies, 
San  Jose,  Calif.]  It  sounds  similar  to  the  RedCreek  solution  in 
the  fact  that  it’s  hardware  on  the  network  side  here,  and  then 
the  client  side  software  piece.  The  main  reason  that  we  decid¬ 
ed  to  do  this  was  just  the  maintenance  at  the  client  side.  It’s 
obviously  very  simple  compared  with  trying  to  put  hardware 
in  all  of  those  locations. 

Qhow  have  your  end-users 

REACTED  TO  THE  SYSTEM? 

■  EGGINGTON:  Our  end-users  are  very  pleased  with  it.  It 
has  been  so  transparent  to  them.  They  have  no  complaints 
about  usability,  and  it  is  easy  for  us  to  maintain. 

■  CLASPE:  Similarly  we  have  a  fairly  simple  interface,  so 
we  haven’t  had  any  issues  from  a  usability  point  of  view.  We 
have  had  several  people  inadvertently  delete  their  encryption 
key  and  we  have  had  to  go  back  and  send  them  a  new  key  and 
walk  them  through  the  installation  of  the  key.  But  other  than 
that,  we’ve  had  really  very  little  problem. 

■  GARY:  We  basically  have  had  a  very  positive  response 
from  our  user  base.  The  VPN  allowed  us  to  move  them  off  the 
modem-to-modem  connection  into  an  Internet-based  con¬ 
nection.  At  the  same  time,  we  kinda  opened  their  eyes  to  the 
world  of  the  Internet  and  to  the  technologies.  And  now  they 
get  their  files  in  a  much  more  readable  format. 

Qwhat  is  the  greatest  benefit 

IN  DEPLOYING  VPN  TECHNOLOGY? 

■  EGGINGTON:  Obviously  security  is  a  great  issue. 
Also,  being  able  to  transfer  end-users  over  to  Internet  dial 
up  at  a  fixed  rate  per  month,  rather  than  remote  access 
which  isn’t  the  most  secure.  The  cost  savings  have  been 
tremendous. 


HOW  IMPORTANT  IS  IT  YOU  YOUR  VPN 
SERVICE  PROVIDER  TO  OFFER  THE 
FOLLOWING  VPN  SERVICE  FEATURE? 

Break/fix  support 


1=Nof  at  all  important  to  5=ExtremeIy  important 

■  CLASPE:  Just  to  add  to  the  cost  savings  concept,  obvi¬ 
ously  that  is  a  great  benefit  for  us.  Our  field  users  are  current¬ 
ly  dialing  in  over  the  IBM  Global  Network  at  a  cost  of  $3.50  an 
hour  and  up,  depending  on  the  type  of  connection  that 
they’ve  got.  If  they  are  dialing  in  an  800  number,  it  is  actually 
more.  I’m  experimenting  with  a  product  called  freewwweb 
[Internet  Media  Solution,  Buffalo,  NY]  which  is  using  the  tele¬ 
vision  model  of  advertising.  It’s  a  one  time  Internet  connec¬ 
tivity  fee.  For  a  single  user  it  is  $99.  If  you  get  to  a  couple  of 
hundred  users  they  get  it  down  into  the  $50’s.  And  that’s  it,  a 
one  time  fee,  lifetime  connectivity.  I  figure  if  that  lasts  a  few 
months,  I’ve  paid  for  it  basically. 

■  GARY:  We  have  a  similar  savings,  in  that  we  replaced  an 
800  number  that  was  being  used  for  the  modem-based  dial- 
in  that  was  costing  upwards  of  $25,000  a  year.  Now  the  sales 
force  has  the  typical  $20  a  month  Internet  provider  charge  for 
an  unlimited  time.  They  actually  get  more  than  before.  It  was 
costing  us  $25,000  for  just  the  data  connection  to  download 
data.  Now  they  can  do  that,  but  then  they  can  also  browse  the 
Web.  So  we’re  saving  easily  $15,000  a  year  just  on  the  cost  of 
the  connection. 

The  other  thing  that  drives  us  is  flexibility.  We  are  looking 
at  expanding  globally,  and  the  Internet  is  the  best  global  infra¬ 
structure  to  get  into. 
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PERCENTAGE  OF  INTERNAL 
NETWORK  OPEN  TO  SUPPLIERS  & 
TRADING  PARTNERS 

TODAY  IN  THE  NEXT 
12  MONTHS 


50%  - 100% 

4.4% 

12.3% 

20%  -  40% 

6.2% 

21.5% 

10-%  - 19% 

17.3% 

21.9% 

Less  than  10% 

20.9% 

16.9% 

None 

50.2% 

19.2% 

Q  HAVE  THERE  BEEN  ANY 

SIGNIFICANT  PROBLEMS  IN 
ESTABLISHING  YOUR  VPNS? 

■  EGGINGTON:  We  had  the  usual  issues  of  familiarity 
with  the  system,  learning  the  protocols  and  the  order  in  which 
to  place  your  policies,  your  entries  and  such.  But  our  provider 
was  terrific.  The  remote  client  was  very  easy. 

■  GARY:  The  only  problem  I  can  remember  is  a  hardware 
failure.  The  manufacturer,  very  quickly  replaced  the  box.  That 
was  pretty  much  the  only  trouble  we  had. 

■  CLASPE:  Our  initial  installation  was  very  smooth,  and 
the  installation  of  the  client  is  pretty  smooth.  The  thing  that 
we  found  was  that  the  generation  of  the  encryption  key  actu¬ 
ally  takes  a  lot  of  crunching,  I  don’t  know  if  it  is  because  of  the 
level  of  encryption  that  we  are  dealing  with,  but  a  key  could 
take  upwards  of  an  hour  to  be  created. 

Qhow  do  you  THINK  VPN 

TECHNOLOGY  WILL  CHANGE 
IN  THE  COMING  YEARS? 

■  EGGINGTON:  Being  a  multinational  company  we  have 
a  bit  of  a  problem  with  the  level  of  exportable  encryption.  I 
would  like  to  see  the  exportable  level  increased. 

■  GARY:  Our  direction  might  actually  be  away  from  VPN 
for  some  issues  that  can  be  solved  with  a  secured  Web  server. 
We’re  looking  at  creating  a  Web  site  that  has  secured  areas  that 
we  control.  We  would  have  log-in  name  and  password  type  of 
access  in  order  to  give  people  information. 

■  CLASPE:  My  expectation  is  that  VPN  technology  will 
move  toward  becoming  a  value-added  service  from  the 
Internet  Service  Providers.  With  some  of  the  larger  ISPs,  I 
think  this  is  already  happening.  I  see  this  client  side  begin¬ 
ning  to  get  bundled  with  the  dialers  that  they  provide  and 


enabled  as  a  value-added  service. 

“My  expectation  is  that  VPN  Technology  will  move  towards 
becoming  a  value-added  service  from  Internet  Service 
Providers.” 

Q  ANY  TIPS  FOR  PEOPLE  THAT 

ARE  JUST  BEGINNING  TO  LOOK 
AT  THIS  AREA? 

■  EGGINGTON:  The  biggest  tip  is  to  thoroughly  evaluate 
your  business  needs.  You  should  do  a  lot  of  research  to  make 
sure  you’re  getting  a  proper  solution  for  the  right  amount  of 
investment. 

■  GARY:  I  would  second  that.  You  need  to  know  your  net¬ 
work,  and  you  need  to  know  the  business  requirement  to  jus¬ 
tify  and  determine  what  solution  fits. 

QANY  THERE  ANY  SPECIFIC  PITFALLS 
YOU  WOULD  LIKE  WARN  OTHER 
FOLKS  ABOUT? 

■  GARY:  I’d  say,  don’t  take  the  deal  of  the  week.  Do  the 
research,  look  around,  and  evaluate.  The  vendors  all  want  you  to 
‘try  and  buy\  So  try  a  couple  of  them  and  if  the  first  one  feels 
good,  at  least  try  another  one,  and  make  sure  that  it  is  good. 

■  EGGINGTON:  Usability  is  also  a  key  factor.  You  need  to 
balance  the  levels  of  security,  functionality,  and  ease  of  con¬ 
figuration.  You  need  to  evaluate  how  valuable  your  data  is  to 
your  competitor  or  somebody  else. 

Qwhat  is  your  overall  level 

OF  SATISFACTION  WITH  YOUR 
VIRTUAL  PRIVATE  NETWORK? 

■  EGGINGTON:  After  having  it  for  a  year,  and  doing  the 
initial  tweaking  and  the  upgrades,  we’re  very  satisfied  and 
very  confident  in  it.  We  are  finding  additional  uses  for  it  and 
additional  ways  to  offset  the  cost  of  our  data  circuits  such  as 
voice  over  IP,  eventually  video  conferencing. 

■  GARY:  I’ve  been  very  satisfied  with  our  selection  of  the 
RedCreek  solution.  What  I’ve  got  now  for  Windows  95  envi¬ 
ronments  on  the  remote  VPN  side,  and  also  network-to-net- 
work  I  have  been  satisfied  with. 

■  CLASPE:  I  too  have  been  satisfied  with  the  decision  and 
with  the  folks  at  VPNet.  Our  PCs,  at  least  the  ones  on  the  fran¬ 
chise  side,  we  purchased,  we  configured,  we  locked  down  the 
desktop,  and  we  rolled  them  out.  We  had  complete  control 
over  the  configuration,  which  was  nice.  On  the  network  side, 
my  network  guy  installed  the  hardware  in  a  day.  There  were 
really  no  major  issues. 
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TECH  TALK: 


■  I  reating  a  virtual  private  network  isn’t  like  creating 
W  any  private  data  network.  Since  VPNs  forward  data 
over  the  shared  Internet  rather  than  over  dedicated  leased  lines, 
VPNs  place  different  demands  on  your  network  equipment. 
First,  there’s  the  virtual  aspect  of  VPNs.  The  network  is  dynam¬ 
ic,  with  connections  set  up  between  sites  according  to  the  orga¬ 
nizational  needs.  Unlike  the  leased  lines  links  used  in  tradi¬ 
tional  private  networks,  Internet  VPNs  do  not  maintain  perma¬ 
nent  links  between  the  end-points  that  make  up  the  corporate 
network.  Second,  rather  than  depending  on  the  security  of  data 
associated  with  private  lines,  VPNs  have  to  maintain  the  priva¬ 
cy  of  communications  in  other  ways,  mainly  by  encrypting  the 
data  that’s  forwarded  between  sites. 

To  protect  data  transmitted  on  a  VPN  and  make  each  corpo¬ 
rate  VPN  site  appear  to  be  directly  connected  to  each  other  site, 
VPN  hardware  or  software  creates  tunnels  through  the  net. 

To  create  a  tunnel,  the  source  end  encrypts  its  outgoing 
packets  and  encapsulates  them  in  IP  packets  for  transit  across 
the  Internet  (see  chart).  At  the  receiving  end,  a  gateway  device 
removes  and  decrypts  the  packets,  forwarding  the  original 
packets  to  their  destination. 

Tunnels  can  consist  of  two  types  of  end-points:  an  individ¬ 
ual  computer  or  a  LAN  with  a  security  gateway  (which  might 
be  a  router  or  firewall,  for  instance).  In  LAN-to-LAN  or  site- 
to-site  tunneling,  a  security  gateway  at  each  end-point  serves 
as  the  interface  between  the  tunnel  and  the  private  LAN.  In 
such  cases,  users  on  either  LAN  can  use  the  tunnel  transpar¬ 
ently  to  communicate  with  one  another.  This  is  usually  done 
in  a  corporate  environment. 

Client-to-LAN  tunnels  on  the  other  hand,  are  usually  set  up 
to  connect  either  a  mobile  user  or  a  small  branch  office  to  a 
corporate  LAN.  The  client  (the  mobile  user  for  example)  ini¬ 
tiates  the  creation  of  the  tunnel  on  his  end  to  exchange  traffic 
with  the  corporate  network.  To  do  so,  he  runs  special  client 
software  on  his  computer  to  communicate  with  the  gateway 
protecting  the  destination  LAN. 


THE  PROTOCOL  LINE-UP 

Four  protocols  have  been  suggested  as  VPN  solutions.  Three 
are  designed  to  work  at  layer  2  of  the  OSI  model,  the  link  layer 
—  the  Layer  2  Forwarding  (L2F)  Protocol,  the  Point-to-Point 
Tunneling  Protocol  (PPTP),  and  the  Layer  2  Tunneling 
Protocol  (L2TP).  The  only  VPN  protocol  for  Layer  3  is  Internet 
Protocol  Security,  or  IPSec,  which  has  been  developed  by  the 
IETF  over  the  past  few  years. 

Each  of  these  protocols  support  tunneling,  although  they 
use  different  standards  for  creating  the  tunnels.  For  instance, 
PPTP  uses  the  Generic  Routing  Encapsulation  (GRE)  protocol 
for  encapsulating  packets  for  a  tunnel,  while  L2F,  L2TP  and 
IPSec  each  have  their  own  various  encapsulation  methods. 

The  capabilities  of  authentication  and  encryption  algo¬ 
rithms  for  protecting  the  data  also  varies  from  protocol  to 
protocol.  PPTP  and  L2F  use  a  limited  number  of  rather  weak 
authentication  and  encryption  algorithms  while  IPSec  sup¬ 
ports  a  wide  variety  of  systems,  including  digital  certificates 
for  authentication  and  Triple  DES  Data  Encryption  Standard 
for  strong  encryption.  Since  it’s  derived  from  PPTP  and  L2F, 
L2TP  builds  on  the  features  found  in  those  two  protocols,  but 
it’s  designed  to  use  many  of  the  authentication  and  encryp¬ 
tion  systems  defined  within  IPSec. 

IPSec  is  often  considered  the  best  VPN  solution  for  IP  envi¬ 
ronments,  as  it  includes  the  strongest  encryption  and  authen¬ 
tication  measures,  as  well  as  a  management  system  for  the 
required  cryptographic  keys  in  its  set  of  standards.  Since 
PPTP,  L2F  and  L2TP  encapsulate  packets  at  layer  2,  they’re 
capable  of  handling  traffic  other  than  IP,  such  as  IPX  and  NET¬ 
BEUI.  IPSec,  operating  at  layer  3,  can  only  work  with  IP  traffic. 

BUILDING  A  VPN 

An  Internet  VPN  has  three  main  components  (See  chart): 
security  gateways,  security  policy  servers,  and  certificate 
authorities.  Not  all  of  these  components  have  to  be  used  in 
every  current  VPN  product,  however. 
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Security  gateways  sit  between  public  and  private  networks, 
preventing  unauthorized  intrusions  into  the  private  network. 
They  provide  tunneling  capabilities  and  encrypt  and  decrypt 
private  data  before  and  after  it  is  transmitted. 

In  general,  the  equipment  you  need  to  install  at  the  corpo¬ 
rate  site  for  a  VPN  can  be  part  of  a  router,  a  firewall  or  a  self- 
contained  VPN  appliance.  Since  routers  have  to  examine  and 
process  every  packet  that  leaves  the  LAN,  it  seems  only  natur¬ 
al  to  include  packet  encryption  on  routers.  Vendors  of  router- 
based  VPN  services  usually  offer  two  types  of  products:  add¬ 
on  software  or  an  additional  board  with  a  coprocessor-based 
encryption  engine.  The  coprocessor-based  encryption  engine 
is  best  for  situations  that  require  greater  throughput,  but  even 
this  may  not  match  the  throughput  offered  by  other  VPN 
hardware.  If  you’re  already  using  the  vendor’s  routers,  then 
adding  encryption  support  software  to  these  routers  can  keep 
the  upgrade  costs  of  your  VPN  low. 

Many  firewall  vendors  include  a  tunneling  capability  in 
their  products.  Like  routers,  firewalls  have  to  process  all  IP 
traffic  —  in  this  case,  to  pass  traffic  based  on  the  filters 
defined  for  the  firewall.  Combining  tunneling  and  encryption 
with  firewalls  is  probably  best  used  on  a  small  network  with 
limited  traffic.  However,  some  firewall  vendors  also  offer 
encryption  coprocessors  for  greater  throughput. 

You  can  also  use  special  hardware  that’s  designed  for  the 
task  of  tunneling  and  encryption.  These  devices  usually  oper¬ 
ate  as  encrypting  bridges  that  are  typically  placed  between 
your  network’s  routers  and  WAN  links.  The  hardware  tunnels 
are  mostly  designed  for  LAN-to-LAN  configurations,  however 
some  products  also  support  client-to-LAN  tunneling. 

MAINTAINING  SECURITY 

To  maintain  the  security  of  your  VPN,  you  need  to  restrict  it’s 
use  by  authenticating  its  users.  This  can  be  done  through  the 
security  policy  server  that  maintains  the  access  control  lists 


and  other  user-related  information  that  the  security  gateway 
uses  to  determine  which  traffic  is  authorized.  The  policy  serv¬ 
er  might  be  something  as  simple  as  a  Windows  NT  Server, 
NDS,  or  a  RADIUS  server,  or  it  might  be  a  policy-based  man¬ 
agement  server  that  aggregates  user  authentication  informa¬ 
tion  from  a  variety  of  sources. 

For  stronger  authentication  of  users  and  security  gateways, 
companies  can  use  digital  certificates.  VPN  designers  can 
select  either  an  in-house  certificate  server  or  a  certificate 
authority,  which  is  a  third  party  that  maintains  the  digital  cer¬ 
tificates.  If  a  corporate  VPN  grows  into  an  extranet,  then  an 
outside  certificate  authority  may  also  have  to  be  used  to  veri¬ 
fy  users  from  your  business  partners. 

HANDLING  REMOTE  USERS 

Most  of  the  descriptions  of  VPNs  in  this  article  have  focused  on 
LAN-to-LAN  VPNs.  Yet  many  companies  are  building  VPNs  for 
dial-in  users  so  that  they  can  reduce  their  remote  access  costs. 
The  main  difference  between  LAN-to-LAN  VPNs  and  dial-in 
VPNs  is  that  the  security  gateway  for  the  main  site  of  a  dial-in 
VPN  (to  which  the  remote  users  connect)  must  be  able  to 
authenticate  individual  users  rather  than  other  gateways. 

Setting  up  a  dial-in  VPN  also  requires  the  remote  user’s 
computer  to  have  VPN  client  software  that  handles  tunneling 
and  encryption.  In  some  cases,  this  is  pretty  simple,  because 
Windows  95/98  includes  a  PTPP  client;  Microsoft  Corp.  also 
promises  an  L2TP  client  and  IPSec  client  in  Windows  2000. 
But  if  you’re  interested  in  the  stronger  encryption  and  authen¬ 
tication  features  of  IPSec,  you’ll  have  to  install  special  client 
software  on  your  users’  computers. 


Dave  Kosiur  is  an  analyst  with  The  Burton  Group,  headquar¬ 
tered  in  Salt  Lake  City,  Utah.  His  latest  book,  "Building  and 
Managing  Virtual  Private  Networks,’ is  available  from  John 
Wiley  &  Sons,  Inc.  He  can  be  reached  at  dkosiur@tbg.com. 
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San  Francisco  •  April  20 
Seattle  •  April  21 
Boston  •  May  4 
New  York  •  May  5 
Philadelphia  •  May  26 
Washington,  DC  •  May  27 
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Seminar  Registration  Fee 


Bring  your  colleagues  and  take 
advantage  of  our  Team  Discounts 

2  registrants  S400  each 

3  registrants  $350  each 
Every  4th  registration  is  FREE 


For  complete  program  agenda  and 
registration  information,  contact  us  at 


800  643-4668 


www.nwfusion.com/seminars 


Have  confidence  in  the 
solution  you  choose. 

Network  WorldTechnical  Seminars  has  brought  together  one  of  the 
industry's  leading  VPN  experts,  Eric  Zines  of  TeleChoice,  Inc.,  and 
leading  VPN  solution  providers  in  a  comprehensive  one-day  Seminar, 
The  program  is  designed  specifically  to  help  you  better  understand  this 
technology,  the  factors  you  must  consider  during  the  decision-making 
process,  and  the  information  you  need  to  choose  the  right  VPN  solution 
for  your  business.  Mr.  Zines  will  explain  not  just  how  VPNs  work,  but 
how  they  can  be  applied  to  real-world  situations.  Equally  as  important  is 
knowing  which  solution  provider  can  best  guide  you  through  the 
implementation  process. This  seminar  will  give  you  the  unique 
opportunity  to  discuss  your  specific  needs  via  live,  face-to-face 
interaction  with  the  industry’s  leading  VPN  solution  providers. 


Benefits  of  Attending 

•  Discover  how  VPNs  can  benefit  your  enterprise 

•  Explore  future  directions  of  VPNs  and  their  effect 
on  your  business 

•  Compare  and  contrast  product  and  service  offerings 
available  for  implementing  a  VPN 

•  Gain  insight  into  the  network  management  and 
administration  issues  associated  with  VPNs 
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Training 
consultancy 
reaches  worldwide 
clients  with  more 
cost-effective  VPNs 


tions,  you  have  to  go  global  too.  But  that’s  not  an  easy  order  to 
fill  -  especially  for  firms  like  Boston-based  training  consul¬ 
tancy  The  Forum  Corp.,  which  doesn’t  have  the  same 
resources  as  its  much  larger  customers. 

Fortunately,  VPNs  can  provide  the  answer. 

For  Enno  Becker,  Forum’s  director  of  IT  infrastructure, 
VPN  technology  delivers  three  things  his  company  needs. 
First,  an  Internet-based  VPN  significantly  reduces  the  cost  of 
international  connectivity.  “Our  bills  for  an  ISDN  line  to  Hong 
Kong  averaged  around  $6,000-$7,00Q  a  month  and  could  go 
as  high  as  $10,000,  depending  on  utilization,”  he  recalls.  By 
using  his  Internet  Service  Provider’s  network  instead  of  the 
public  telephone  network,  that  price  was  slashed  to  just 
$3,000.  And  the  performance  of  the  VPN  has  actually  been 
better  than  the  ISDN  connection.  Becker  speculates  that  that’s 
because  the  ISDN  link  had  to  be  pass  through  multiple  carri¬ 
ers’  telephone  gateways,  whereas  his  VPN  connection  runs 
over  a  single  ISP’s  network  from  end  to  end. 

Second,  the  lower  circuit  costs  offered  by  VPN  technology 
enable  Forum  to  boost  bandwidth.  For  example,  a  $4,000-per- 
month  56Kbps  frame  relay  connection  to  London  was 
replaced  with  a  $5,Q00-per-month  256Kbps  local  connection 
to  Forum’s  ISP.  That  kind  of  big  bandwidth  boost  is  critical  for 
a  company  like  Forum  that  needs  to  deliver  multimedia  con¬ 
tent  to  customer  locations  around  the  world.  “Our  ability  to 
deliver  courseware  electronically  is  going  to  be  a  key  compet¬ 
itive  advantage  to  us  moving  forward,”  Becker  says.  “So 


Enno  Becker,  director  of  IT  infrastructure  at  The  Forum  Corp. 


increased  network  capacity  is  a  must.” 

Thirdly,  and  just  as  importantly,  Forum’s  Internet-based 
VPN  gives  the  company  the  flexibility  to  quickly  add  new 
nodes  to  its  network  any  time,  anywhere,  “as  long  as  they  can 
get  to  the  Internet,  we  can  get  them  on  to  the  VPN,”  says 
Becker.  Not  only  does  this  allow  Forum  to  inexpensively  con¬ 
nect  small  offices  or  remote  users  in  out-of-the-way  places  to 
its  network,  it  also  allows  them  to  easily  link  to  customers 
across  a  secure  extranet.  All  that’s  needed  is  the  proper  autho¬ 
rization,  and  they’re  in  business. 

In  fact,  to  make  the  process  even  easier,  Becker  is  now  inte¬ 
grating  administration  of  his  VPN’s  firewall  and  encryption 
tools  directly  to  his  network’s  Novell  NetWare  Directory 
Services  (NDS)  facilities.  “It  used  to  be  that  you’d  have  to  add 
a  user  to  NDS  and  then  add  them  to  the  VPN  separately!’  he 
explains.  “Now,  we  can  just  add  them  to  the  directory  and 
automatically  give  them  access  to  the  VPN.” 

Becker  has  one  note  of  caution  to  those  who  see  VPN  tech¬ 
nology  as  a  panacea,  especially  for  extranet  connectivity  to 
customers:  sometimes  the  biggest  sticking  points  for  a  project 
are  political,  not  technical.  “We  thought  we’d  be  able  to  go  to 
big  companies,  and  they’d  just  link  up,”  notes  Becker.  “But  with 
everything  else  they  have  on  their  plates,  they’re  just  not  going 
to  give  a  high  priority  to  a  human  resources  service  like  ours.” 

For  customers  who  don’t  take  advantage  of  Forum’s  VPN, 
Becker  provides  secure  Web  page  access  using  the  Secure  Sockets 
Layer  (SSL)  protocol.“It’s  only  good  for  HTML  access,”  he  admits. 
“But  it  still  gives  them  access  to  the  content  they  need.” 
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P  u  11  ing  together  Virtual  Private  Network 


w  i  t  h  a  power  f  u  1  1  o  r  c  e  c  a  lied  experience. 


Compatibility.  Security.  Manageability.  Availability.  Your  VPN  solution  requires  all  of  the  above,  along  with  the  scalability 
and  Flexibility  to  keep  evolving  with  todays  ever-changing  networking  environment.  Only  Ascend  MultiVPN  solutions  go 
beyond  basic  tunneling  to  afford  a  lull  range  ol  product  and  technology  choices  that  meet  your  specific  VPN  needs.  Remote 
access.  Secure  extranets.  Branch  office  connectivity.  And  multimedia  VPNs  that  integrate  data,  voice,  and  video 
communications.  No  matter  what  the  application,  Ascend  delivers  the  industiys  most  advanced  and 
comprehensive  VPN  solution.  Want  proof?  Ascend  is  #1  in  VPNs*  So  when  it  comes  to  sending  your  r 

private  information  over  the  public  network,  we  think  you  II  agree  that  experience  makes  the  best  ASCEND 

escort.  For  a  complete  overview  of  Ascend  MultiVPN  solutions  for  the  Enterprise,  visit  us  at  7777  77“  7 
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scend.com/enterprisevpn.  Ami  tap  into  the  defining  powers  ol  an  Ascend  MultiVPN  solution.  Solutions  Never  End 
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Free  Product  info  enter  NWInfoXpress  #87  online  @  www.networkworld.com/infoxpress 


Attention  Telecommuters:  Get  in  the 


Fast  Lane! 


IntraPoH  2+ 


If  you  telecommute  and  have  a  DSL  or  cable-modem  connection  at 
home,  you  could  access  your  company's  network  using  the  same 
breakneck  speed  you've  gotten  used  to  at  the  office!  Virtual  Private 
Networking  (VPN)  is  the  answer.  Compatible  Systems'  IntraPort™ 
family  of  VPN  access  servers  gives  you  secure  access  to  your 
corporate  network  via  the  Internet.  Of  course  IntraPort  works  with 
all  computing  platforms  (Linux,  Solaris,  NT,  Mac,  Win  95  and  98)  so 
you  can  use  all  your  familiar  software  programs. 

Compatible  Systems  has  the  answer  to  speed  up  your  telecommute. 
Register  online  to  receive  your  free  "High  Speed"  t-shirt  at 
www.compatible.com/highspeed/ 


VPN  that  fills  your  need  for  speed™ 


Compatible  Systems 

the  VIRTUAL  leader 


www.compatible.com 


IntraPort  and  IntraPort  Enterprise  are  trademarks  of  Compatible  Systems  Corp.  All  other  product  names  are  trademarks  of  their  respective  manufacturers. 


Free  Product  info  enter  NWInfoXpress  #85  online  @  www.networkworld.com/infoxpress 
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KEEPING 
YOUR  COOL 


Why  run  around  putting  out  fires,  when  you  can  pre-empt  them  altogether  from  your  desk?  (Or  anywhere  via  the  web.)  Seagate  iviat  a 


proactively  monitors,  analyzes,  and  reports  on  Windows  NT  and  Novell  NetWare  systems’  health,  alerting  you  to  problems  before  use 


Software.  Inc.  Seagate  Manage  Exec 


If  you  only  know  Compaq  for  PCs  and 
servers,  do  you  really  know  Compaq? 

All  over  the  world,  the  IT 
bedrock  that  companies 
build  on  comes  from 
Compaq.  We’ve  created 
enterprise  systems  for 
18  of  the  top  20  U.S. 
banks.  Over  100  stock 
iw~<ax>  exchanges  worldwide. 

Sixty  percent  of  the 
Andihemxt  io.  planet’s  power  generation/ 

And  the  , .  . . 

io  after  that,  distribution  systems. 
Ninety  percent  of  the  world’s 
microprocessor  production. 

And  this  isn’t  just  hardware. 
Compaq  delivers  complete  enterprise 
solutions.  The  mission-critical  systems 
that  keep  business  in  business. 

Who  out-integrates  the  top  integrators? 
Including  IBM? 

This  may  surprise  you. 

It’s  Compaq.  In  fact,  Compaq 
beat  out  the  biggest  names 
in  IT  integration  in 
InformationWeek’ s  annual 
poll  of  IT  professionals, 
finishing  second  by  the  slimmest 
of  margins.  If  you  need  to  get 
the  most  out  of  your  IT 
investment,  we  don’t  just  have 
the  answer.  We  are  the  answer. 


Whose  systems  run  17  of  the  20 
largest  stock  exchanges,  worldwide? 

It’s  the  same  folks  who  enable 
over  60%  of  the  world’s  interbank 
transactions.  Compaq.  With 
systems  and  support  services  that 
allow  hundreds  of  millions  of 
dollars  to  flow  safely  all  over  the 
world,  every  second  of  every  day. 
It’s  the  ultimate  in 
mission-critical, 
fault-tolerant 
NonStop®  computing 
The  kind  we  provide,  not  just  for 
the  financial  world,  but  for  all 
kinds  of  industries. 


why  not  go  with  some  of  the  people 
who  know  it  best? 

Who  outruns  everyone  under  the  sun 
(including  Sun)? 

Compaq’s  lead  in  high-perfor¬ 
mance  64-bit  UNIX®  computing  is 
huge,  and  growing.  For  example,  we 
set  an  all-time  TPC-C  record  running 
Oracle  8 M  on  clustered  AlphaServer® 
systems.  What  does  this  mean  in  real 
life,  you  ask?  It  means  that  we  can 
help  you  do  things  in  a  few  seconds 
that  used  to  take  you  days. 

Who  helps  millions  of  e-mail  users 
explain,  expound,  collaborate  and 
just  plain  talk? 

Compaq  systems  and 
support  people  help  run  many  of 
the  world’s  largest  e-mail  systems. 

Clrnbal  ? 
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Where  in  the  world 
do  you  do  business? 

No  matter: 
our  27,000  service 
professionals  call 
114  countries  home. 


Who  knows  SAP  R/3 
like  no  one  else  (except, 
of  course,  SAP)? 

We  have  over  5,000  R/3 
installations  under  our  belts — 
more  than  any  other  competitor. 
To  put  R/3’s  enormous  power 
to  work  in  your  business, 


We’re  also  the  number  one  integrator 
of  Microsoft  Exchange®  with  over 
400  global  customers.  If  you’ve  got 
a  large  project  ahead,  remember: 
We  can  be  a  big  help. 

Where  does  the  enterprise  store  its 
gigabytes,  terabytes  and  googolbytes? 

Once  again,  we’re  the  answer. 
Compaq  StorageWorks®  delivers  the 
widest  array  of  multi-user  storage 
products  in  the  business.  And  they’re 
designed  to  solve  storage  problems 
for  any  enterprise,  no  matter  which 
hardware  and  software  you  already 
use:  ours,  theirs,  anyone’s. 


AltaVista-created  by  Compaq,  running  on  Compaq  AlphaServer 
systems- handles  1  billion  Internet  searches  per  month. 


*(102541tpmC  @  $139.49/tpmC-Available  September  15,  1998)  ©1999  Compaq  Computer  Corp.  Better  answers  is  a  service  mark  of  Compaq.  AlphaServer,  NonStop.  AltaVista  and  StorageWorks  are  registered  trademarks  of  Compaq 
Microsoft  Exchange  is  a  registered  trademark  and  MSN.com  is  a  trademark  of  Microsoft  Corporation.  All  other  names  are  trademarks  or  registered  trademarks  of  their  respective  companies. 


All  of  the  world’s  top  10  aerospace  companies  fly  with 
Compaq.  (There’s  no  better  launch  platform  for  technical 
computing  than  Compaq  64-bit  UNIX.) 


When  telephone  companies  all  over 
the  world  dial  911,  who  picks  up? 

Did  you  know  that  ah  of  the 
top  30  telcos  depend  on  Compaq 
for  everything  from  fault-tolerant 
NonStop  computing  to  compre¬ 
hensive  disaster  relief? 

So  do  more  than  170  other 
telecommunications  companies. 

If  your  company  could  use  that 
kind  of  reliable,  bulletproof 
computing,  why  not  give  us  a  call? 


Who 


knew? 


Ever  buy  stock  online? 

Or  bank  in  your  pajamas? 

Three  quarters  of  the  top  ISPs 
choose  Compaq  to  keep 
millions  of  subscribers  connected. 

Four  out  of  the  five  most  popular 
Web  sites  are  powered  by  Compaq. 
Microsoft  chose  us  to  implement 
and  manage  the  infrastructure  for 
MSN. corn" 

And  AltaVista® 
the  most  powerful 
and  useful  guide  to 
the  Internet?  We 

i  ,  •  •  needs  a  rock-solid 

non  t  JUSt  run  It.  foundation.  So  thousands  of 
_V7.  .  ,  .  e-businesses,  large  and  small,  tap 

We  invented  It.  Compaq  for  systems,  solutions,  support. 


In  other  words,  as  enterprise 
computing  moves  onto  the  Internet, 
it’s  also  moving  onto  Compaq. 


Want  to  know  more? 

More  details?  More  case 
histories?  More  references? 
Better  answers  to  the  toughest 
IT  challenges  there  are? 

You’ll  find  them  at 
www.compaq.com/betteranswers . 

Or  call  us  at 
1-800-AT-COMPAQ. 


COMPAQ. 

Better  answers: 

www.compaq.com/betteranswers 


Mission-critical  NonStop  enterprise 
systems  for  more  financial  exchanges,  more  ATM  networks 
and  more  of  the  world’s  top-tier  banks  than  any  other  company. 


Infrastructure 


OpenVMS, 

continued  from  page  13 

recently  outlined  an  OpenVMS  techni¬ 
cal  roadmap  for  the  next  five  years. 
"We  have  an  incredibly  large  and  loyal 
installed  base  and  are  actively  invest¬ 
ing  in  OpenVMS,”  Marcello  says.  “We 
have  a  very  large  organization  with 
500  folks  dedicated  to  developing  it 
for  the  foreseeable  future.”  Compaq 
claims  slight  growth. 

Doubting  Thomases 

Nevertheless,  a  large  number  of 
Digital  users  are  nervous  and  ready  to 
defect  to  other  platforms,  says  an  ana¬ 
lyst  with  a  Washington,  D  C.  consul¬ 
tancy.  Bolstering  that  claim,  he  cites 
his  survey  of  75  Digital  users.  The 
analyst,  who  was  a  Digital  employee 
for  20-plus  years,  says  network  man¬ 
agers  have  noticed  a  drop-off  in 
things  such  as  routine  sales  calls  and 
the  quality  of  support  staff  from 
Compaq.  About  one-third  of  those 
surveyed  expressed  serious  frustra¬ 
tion  and  doubt  regarding  the  future 
of  OpenVMS 

The  analyst  also  claims  Compaq 


spends  a  minimal  amount  of  money 
for  OpenVMS  and  will  probably  stop 
making  enhancements  by  2006,  when 
the  product  will  no  longer  be  prof¬ 
itable.  Moreover,  since  Compaq’s 
acquisition  of  Digital,  many  of  Digital’s 
best  OpenVMS  engineers  have  left  for 
other  companies. 

However,  Compaq’s  Marcello 
claims  the  retention  rate  for  his 


employees  is  as  good  or  better  than 
the  industry  average.  Marcello  says 
he  hires  10  to  15  new  employees 
annually. 

One  former  customer  and  VMS 
business  partner  says  he  is  feeling  the 
pain.  “Through  the  years,  Digital,  dur¬ 
ing  cuts  or  reorganizations,  neglected 
support  of  OpenVMS,”  says  Virgil 
Burton,  value-added  reseller  product 


manager  for  McCue  Systems,  a 
Burlingame,  Calif.,  maker  of  business 
software  products.  McCue  sold 
OpenVMS  business  software  and  used 
OpenVMS  systems  for  its  internal 
operations. 

After  the  Compaq  acquisition, 
Burton  says  the  exodus  of  qualified 
OpenVMS  troubleshooters  from 
Digital  worsened  and  “support 
decreased,”  leaving  users  with  “more 
desperation  and  frustration.”  Burton 
believes  the  end  of  OpenVMS  is  in 
sight.  “That’s  pretty  scary;  there  are  a 
lot  of  applications  operating  on 
OpenVMS,  and  Compaq  wants  to 
replace  it  with  their  Unix.” 

McCue  has  been  migrating  its  net¬ 
work  and  products  to  Unix,  Burton 
says.  McCue,  like  Corian,  has  also  been 
working  with  Sector  7,  an  Austin, 
Texas,  IBM  partner  that  converts 
OpenVMS  code  into  Unix  and  NT. 

IBM  and  other  Compaq  competi¬ 
tors,  such  as  Sun,  are  targeting  the 
Digital  OpenVMS  base  for  their  own 
products.  In  fact,  sources  say  IBM  has 
a  100-plus  strong  sales  force  specifi¬ 
cally  catering  to  converting  Digital 
users.  B 


OpenVMS  on  the  outs 


Compaq  says  it  will  continue  to  support  OpenVMS,  though  license  shipments  and 
revenue  are  expected  to  fall  sharply. 

Projected  OpenVMS  license  shipments  Projected  U.S.  OpenVMS 

and  upgrades  (U.S.)  revenue  (in  millions) 
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MCI  WorldCom  On-Net  Services  have  taken  all  of  the  risk  out  of  data  transmission.  Gone  are  the  days  of  handoffs  to 
other  carriers  and  wondering  who’s  got  your  data.  With  on-net  services  your  data  simply  goes  from  point  A  to  point  B. 
Just  one  seamless  global  network,  owned  and  operated  by  one  company*  MCI  WorldConr"  How  do  we  do  this?  By  linking 
the  U.S.  and  Europe  with  the  most  advanced  underwater  cable  ever  constructed.  And  by  owning  local  facilities  in  more 

*Onl\  MCI  WorldCom  owns  the  entire  network  from  origin  to  destination  in  many  locations  worldwide.  MCI  WorldCom  is  traded  on  NASDAQ  under  VI COM.  For  more  information  on 
MCI  WorldCom,  visit  our  Web  sites  at  meiworlileom.com  and  wcom.com.  ©  1999,  MCI  WORLDCOM.  Inc.  All  Rights  Reserved. 
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Internetworking  Monitor  .  Kevin  Tolly 

Access  routing  reconsidered 


At  the  dawn  of  the  internetwork 
age,  general-purpose  PCs  and 
purpose-built  network  gear  provided 
the  first  rudimentary  inter-LAN  bridg¬ 
ing.  By  the  time  the  internetwork  mar¬ 
ket  flourished  in  the  mid-1990s, 
though,  the  bridge/router  built  on  a 
standard  PC  was  all  but  extinct.  But,  in 
the  realm  of  technology,  extinct  does 
not  necessarily  mean  gone  forever. 

With  the  ascendancy  of  Microsoft’s 
Windows  NT  as  the  platform  of  choice 
for  everything  from  mundane  file/ 
print  services  to  branch  office  PBXs,  it 
may  be  time  to  reconsider  the  use  of  a 
general-purpose  computing  platform 
to  provide  branch  office  access  routing 
as  well. 

But  first  a  bit  of  historical  perspec¬ 
tive  is  in  order.  The  primary  reason  for 
the  “extinct”  status  of  PC  bridge/routing 


was  perception.  Simply  put,  the  likes  of 
Cisco  and  Wellfleet  Communications 
were  able  to  scare  corporate  customers 
away  from  using  PC-based  products. 
“You  don’t  want  to  trust  your  network 
to  DOS,”  went  the  line. 

Ironically,  many  PC  bridges  built 
circa  1991-92  actually  outperformed 
their  purpose-built  brethren.  Further¬ 
more,  these  devices  didn’t  use  DOS  for 
anything  more  than  keyboard  and  dis¬ 
play  services.  Once  loaded,  the  bridge 
software  took  over  and  communica¬ 
ted  directly  with  the  808X  processor. 

What  could  have  been  a  perfectly 
reasonable  platform  for  branch  office 
communications  was  driven  to  extinc¬ 
tion  for  no  good  technical  reason. 

Now,  almost  a  decade  later,  purpose- 
built  routers  with  purpose-built  oper¬ 
ating  systems  —  such  as  Cisco’s 


Internetworking  Operating  System  — 
are  increasingly  trying  to  behave  like 
general,  multipurpose  systems.  That 
fact  alone  should  be  sufficient  to  trig¬ 
ger  a  reassessment  of  access  routing. 

From  the  viewpoint  of  pure  tech¬ 
nology,  there  are  no  obstacles  to  using 
an  NT  system  to  provide  access  rout¬ 
ing  services.  While  NT  routing  perfor¬ 
mance  will  never  reach  that  of  an  Ex¬ 
treme  Summit  or  a  Bay  Accelar,  it  does¬ 
n’t  have  to.  Handling  a  single  T-l  WAN 
and  a  single  Ethernet/Fast  Ethernet 
LAN  connection  is  all  that  is  needed.  I 
don’t  think  you’ll  find  anyone  who’ll 
declare  that  NT  can’t  handle  the  task. 

In  my  view,  though,  the  most  impor¬ 
tant  point  to  consider  for  purpose- 
built  devices  is  in  the  area  of  added 
features,  such  as  Directory  Enabled 
Networking.  While  the  policies  man- 


aged  by  the  directory  will  dictate 
switch/router  behavior  at  the  lower, 
network  levels,  the  policy  manage¬ 
ment  is  not  a  core  internetwork  func¬ 
tion  that  might  have  been  envisioned 
by  router  operating  system  designers. 

Shoehorning  such  code  into  a  pur¬ 
pose-built  box  for  other  work  will  like¬ 
ly  be  a  difficult  and  expensive  propo- 
sition.This  process  will  be  compound¬ 
ed  by  the  fact  that  each  proprietary 
routing  gear  vendor  will  need  to 
undertake  this  process  on  its  own. 

Not  only  is  it  time  to  reassess  access 
routing,  it  may  be  time  for  a  reality 
check  on  how  far  traditional  routers 
should  be  pushed  into  the  application 
realm.  Shouldn’t  purpose-built  boxes 
stick  to  their  purpose? 

Tolly  is  president  of  The  Tolly 
Group,  a  strategic  consulting  and 
independent  testing  firm  in  Man- 
asquan,  N.J.  He  can  be  reached  at 
(732)  528-3300,  ktolly@tolly.com  or 
www.tolly.com. 


No  handoffs.  No  security  worries. 


Just  one  seamless  global  network. 


than  eighty  U.S.  markets,  as  well  as  several  markets  in  Europe.  Whether 
your  needs  are  local,  national  or  international,  you  deal  with  one  dedicated 
account  team  for  everything.  Pretty  straightforward,  isn’t  it?  Introducing 
MCI  WorldCom  On-Net  Services.  For  details,  visit  wcom.com 


MCI  WORLDCOM . 
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Eight  branch  offices. 

Need  high-performance  application  access. 
Over  95  concurrent  users. 


No  sweat. 


With  Citrix  server-based  computing 
solutions,  you  can  deliver  faster 
application  performance  for  more  remote 
users  without  upgrading  your  network. 

Right  now, 

Citrix®  MetaFrame''1 
and  WinFrame® 
server-based 
computing  software 

is  being  used  by  thousands  of  companies  to  ensure 
their  various  users  throughout  the  enterprise 
get  lightning-fast  access  to  the  latest  Windows®- 
based  applications. 


lOx  faster  application  performance 
over  your  existing  remote  connections. 

Optimized  for  network  connections  as  low  as 
14.4  Kbps,  Citrix  software  enables  IT  professionals 
to  deliver  up  to  lOx  faster  response  over  existing 
remote-node  servers  and  branch-office  routers. 

This  way,  every  remote  user  can  get  LAN-like 
performance,  even  with  32-bit  applications, 
regardless  of  whether  they’re  using  analog  or  ISDN 
modems,  WANs,  wireless  LANs  or  the  Internet. 

Reduce  network  traffic  and  increase 
application  availability  for  more  users. 

Since  all  processing  is  done  at  the  server,  your  vital 
applications  consume  as  little  as  one-tenth  of  their 
normal  network  bandwidth.  This  level  of  efficiency 
means  that  administrators  can  increase  the  number 


of  concurrent  users  working  with  a  specific 
application  to  keep  productivity  levels  high. 

See  what  77%  of  Fortune  lOO  companies 
already  know— Citrix  works! 

Discover  today  how  thousands  of  leading  organiza¬ 
tions  are  using  Citrix  MetaFrame  and  WinFrame  to 
improve  their  remote  application  performance  for 
more  users.  All  without  breaking  a  sweat. 

To  learn  more  about  how  Citrix  can 
help  you,  call  888-564-7630  or  visit  us 
on  the  Web  at  www.citrix.com/drive3 
for  a  FREE  Test  Drive  CD-ROM. 

CiTRIX’ 
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are  trademarks  or  service  marks  of  their  respective  companies.  Technical  specifications  and  availability  are  subject  to  change  without  prior  notice.  Made  in  the  U.S.A. 
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Briefs 


Troubled  satellite-phone 
provider  Iridium  says  lenders 
have  given  it  an  extra  60  days  to 
meet  certain  financial  goals.  The 
company  now  has  until  May  31  to 
show  at  least  $30  million  in 
accrued  revenue  and  prove  it  has 
signed  up  at  least  27,000  satellite 
customers.  Iridium  blamed  delays 
in  satellite-phone  production  and 
the  training  of  distributors  and 
sales  personnel  for  its  slow  start. 
Iridium  also  announced  that  the 
company's  chief  financial  officer, 
Roy  Grant,  was  resigning  "for 
personal  reasons." 

BellSouth  has  figured  out  a 
way  to  help  Internet  users  get 
fewer  busy  signals  when  they 
call  their  ISPs.  Calls  to  ISPs  are 
identified  at  the  BellSouth 
switching  office  nearest  the 
caller  and  trunked  to  the  ISP  on 
primary  rate  interface  ISDN 
trunks.  This  plan  relieves  the 
switching  office  nearest  the  ISP 
because  it  no  longer  has  to  pro¬ 
cess  every  call  to  the  ISP. 

BellSouth  is  implementing  the 
scheme,  called  Intelligent  Traffic 
Routing  and  Control,  as  needed 
based  on  ISP  traffic. 

IBM  Global  Services  last 
week  said  it  would  support 
Internet  Security  Systems'  Real- 
Secure  intrusion  detection  de¬ 
vices  for  its  Internet  Emergency 
Response  Service  customers. 

RealSecure  is  a  24-7  monitor¬ 
ing  and  network  scanning  ser¬ 
vice  that  checks  networks  for 
security  violations.  Previously 
IBM  only  supported  Cisco's 
NetRanger  security  device. 

IBM  later  this  year  also  plans 
to  add  Tivoli's  Cross  Sight  sec¬ 
urity  device  to  its  Internet  Emer¬ 
gency  Response  Service.  Cus¬ 
tomers  can  sign  up  for  yearly 
service  contracts  that  start  at 
$27,000. 

IBM  Global  Services:  (800) 
599-9950 
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and  Local  Carriers,  Wireless,  Regulatory  Affairs 

Covad  DSL  service  links  cities  nationwide 


BY  TIM  GREENE 

CUPERTINO,  CALIF.  —  A  low-cost  digi¬ 
tal  subscriber  line  (DSL)  service  from 
Covad  Communications  lets  far-flung 
remote  users  connect  to  corporate  head¬ 
quarters  across  the  country. 

Competitive  local  exchange  carrier 
Covad  last  week  introduced  TeleSpeed 
Remote,  a  high-speed  WAN  service  that 
connects  sites  nationwide  over  an  ATM 
backbone,  using  DSL  to  tie  in  remote 
sites  at  speeds  between  144K  bit/sec  and 
1.1M  bit/sec. TeleSpeed  Remote  is  made 
possible  via  an  agreement  with  AT&T 
and  Qwest. 

The  flat-fee  TeleSpeed  Remote  service 
can  save  customers  money  over  long- 


More 

Online 

•  Our  new  DSL  audio 
primer  -  listen  to  an  explanation  of 
the  technology. 

•  Sign  up  for  our  free  e-mail  newsletter 
on  Internet  services. 

www.nwfusion.com 


Nationwide  DSL  network  service 

Covad  is  selling  DSL  access  packaged  with  long¬ 
distance  links,  enabling  national  DSL  networks. 


Price  per  month 


Speed 

Less  than  500  miles 

More  than  500  miles 

144K  bit/sec 

$135 

$145 

192K  bit/sec 

$135 

$145 

384K  bit/sec 

$205 

$220 

768K  bit/sec 

$305 

$340 

1.1  M  bit/sec 

$360 

$405 

Note:  Prices  do  not  include  T 1  ($975  per  month)  or  T  3  ($4,000  per  month)  connections 
between  the  Covad  network  and  a  central  corporate  site. 


distance  ISDN,  which  is 
billed  based  on  usage. 

TeleSpeed  Remote  also 
costs  less  than  aT-1. 

To  the  user,  TeleSpeed 
Remote  acts  like  a  frame 
relay  or  ATM  link  into  a 
corporate  site.  However, 
instead  of  requiring  a 
DSU/CSU,  customers  use  a 
modem  that  turns  a  phone 
line  into  a  DSL  pipe. 

Until  recently,  cus¬ 
tomers  in  DSL  service 
areas  could  access  other 
sites  within  their  metro¬ 
politan  area,  but  not  sites 
in  separate  locations. 

Covad  offers  DSL  ser¬ 
vice  that  connects  eight  metropolitan 
areas:  Boston,  Los  Angeles,  New  York, 
Philadelphia,  Sacramento,  San  Francisco, 
Seattle  and  Washington,  D.C.The  service 
will  expand  to  22  metropolitan  areas, 
including  Atlanta,  Chicago  and  Miami,  by 
year-end. 

For  Symantec,  maker  of  network  soft¬ 
ware, TeleSpeed  Remote  is  a  way  to  elimi¬ 
nate  long-distance  ISDN  bills  that  were 
totaling  thousands  of  dollars  per  month, 
according  to  Michael  Medwid,  Symantec’s 
senior  communications  analyst.  Instead  of 
dialing  directly  in  to  the  corporate  site  in 


Cupertino  via  ISDN,  Symantec’s  remote 
users  are  now  connected  by  DSL  to  a 
Covad  point  of  presence  (POP). 

Traffic  bound  for  Symantec  headquar¬ 
ters  leaves  the  end  user’s  home,  travels 
along  the  DSL  line  to  the  Covad  POP, 
drops  onto  a  Qwest  or  AT&T  long¬ 
distance  link  to  another  Covad  POP,  and 
is  backhauled  to  Symantec’s  headquar¬ 
ters  via  aT-1. 

Covad  bills  a  flat  fee  for  each  remote 
site;  T-ls  and  T-3s  are  priced  separately 
(see  graphic). 

Covad:  (888)  462-6823 


Internet  faxing  takes  center  stage 

Service  providers  battle  over  growing  IP  fax  field. 


BY  DENISE  PAPPALARDO 

Users  looking  to  reduce  their 
long-distance  and  interna¬ 
tional  fax  service  costs  have 
signed  up  with  service  providers  in 
droves.  More  than  192  million  minutes 
worth  of  faxes  were  sent  over  the 
Internet  last  year  —  a  number  that  is 
expected  to  triple  by  year-end. 

As  more  ISPs  jump  on  the  IP  fax  ser¬ 
vice  bandwagon,  it  is  somewhat  surpris¬ 
ing  to  learn  which  service  providers  are 
handling  the  majority  of  IP  fax  time  for 
business  users  around  the  country  (see 
graphic). 

With  large  ISPs  such  as  MCI  World- 
Corn’s  UUNET  and  PSINet  touting  their 
IP  fax  services,  one  might  imagine  that 
those  companies  would  be  at  the  top  of 
the  list.  But  according  to  a  recent 


Users  take  to  IP  fax  services 

FaxSav  leads  a  growing  field  of  IP  fax 
service  providers. 

1 998  worldwide  Internet  fax  service 
provider  market  share  by  traffic  volume: 

Faxaway 
6.8%  \ 

Other  39% 


AT&T 

7.3% - 


Total  volume  of  192  million  minutes 

SOURCE:  IDC,  FRAMINGHAM.  MASS. 


International  Data  Corp.  (IDC)  study, 
UUNET  is  carrying  8  million  minutes  of 
fax  traffic  per  year  —  only  a  4.2%  share 
of  the  IP  fax  market,  says  Peter 
Davidson,  an  analyst  with  IDC,  a 
Framingham,  Mass,  consulting  firm. 

And  PSINet,  one  of  the  first  ISPs  to  roll 
out  an  IP  fax  service,  didn’t  even  make 
IDC’s  list.  For  other  service  providers,  IP 
fax  is  a  complementary  addition  to  their 
Internet  service  offerings.  AT&T  World- 
Net  announced  its  IP  fax  services  less 
than  a  year  ago. 

While  AT&T  introduced  the  service 
much  later  than  some  of  its  competitors, 
its  offering  now  brings  in  more  than  $4 
million  in  revenue. That  makes  AT&T  the 
fourth-largest  IP  fax  service  provider 
even  though  its  service  was  only  opera¬ 
tional  for  half  of  the  year,  Davidson  says. 

One  finding  that  is  not  surprising  is 
that  FaxSav,  an  IP  fax  service  provider 
that  essentially  pioneered  the  industry,  is 
the  market  share  leader.  With  big  cus¬ 
tomer  clients  such  as  Chevron  and  Nortel 
Networks  driving  traffic,  FaxSav  is  han¬ 
dling  55  million  fax  minutes  annually.  S 
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Carriers  8  ISPs 


Eye  on  the  carriers  .  David  Rohde 

Telecom  competition,  Version  1.0 


What  ever  happened  to  the 
idea  that  regional  Bell  operat¬ 
ing  companies  were  going  to  get  into 
the  long-distance  business?  Three  years 


and  two  months  after  the  enactment  of 
telecom  reform,  not  only  aren’t  there 
any  RBOCs  in  long  distance,  there 
aren’t  even  any  RBOC  long-distance 


applications  pending  with  the  Federal 
Communications  Commission. 

Why  is  that?  A  big  part  of  the  answer 
is  that  the  telecom  industry  is  waiting 


to  see  what  happens  with  Bell  Atlantic 
in  New  York. 

Under  the  law,  RBOCs  must  meet  a  list 
of  14  local-competition  requirements 
before  entering  long  distance.  But  in 
New  York,  Bell  Atlantic  has  agreed  to  an 
extra  step.  A  neutral  third  party  — 
KPMG  Peat  Marwick  —  is  testing  Bell 
Atlantic’s  back-office  systems  to  see  if 
the  RBOC  can  handle  mass  customer- 
change  orders  from  competitors.  If  Bell 
Atlantic  passes  the  test,  New  York  state 
regulators  have  agreed  to  support  Bell 
Atlantic’s  long-distance  application  at 
the  FCC. 


You've  developed  an  advanced 
telecommunications  network.  You're 
touting  the  latest  in  switch  technology, 
equipment  and  service  .  .  . 

Can  you  provide  better  service  at  a 
lower  price  than  your  competition? 


HNM  is  fast  becoming  the  leading  net¬ 
work  manager  of  choice  of  LECs,  CLECs, 
and  ILECs  nationwide.  HNM  allows  you 
to  manage  your  network  in  real  time, 
regardless  of  the  equipment  or  manufac- 


At  Harris,  we  don't  care  about  the  size 
of  your  network.  We  don't  care  about 
the  kinds  of  equipment  in  your  network 
or  who  the  manufacturer  is. 

We  care  about  helping  you  lower  the 
costs  associated  with  managing  a  multi¬ 
vendor  network.  We  care  about  your 
customers. 

Consider  the  power  and  versatility  of 
Harris  Network  Management — HNM. 


turer  deployed.  Its  open,  distributed 
architecture  and  multiplatform  capability 
makes  HNM  the  most  versatile  network 
management  platform  available  in  the 
market  today  to  meet  the  demands  of 
large,  complex  network  operations. 

You  need  a  proven  partner  for  network 
management.  You  need  Harris  Network 
Management. 


next  level  solutions 

WIRELESS 

BROADCAST 

COMMUNICATIONS 

PRODUCTS 


The  test  was  supposed  to  last  six 
weeks,  but  it  has  dragged  on  for 
months.  Recently,  there  were  reports 
that  Peat  Marwick  was  about  to  wrap 
up  its  work.  Then  AT&T,  which  dearly 
wants  to  keep  Bell  Atlantic  out  of  long 
distance,  said  the  test  was  going  to  take 
two  to  four  months  more. 

AT&T  concedes  that  Bell  Atlantic  has 
a  working  system  in  place  to  handle 
competitors’  orders.  But  AT&T  and  other 
firms  point  to  43  bugs,  or  “exceptions,” 
that  have  cropped  up  in  the  test.  Until 
these  and  any  other  problems  that  AT&T 
can  think  of  are  resolved,  competitors 
say  the  FCC  must  stop  Bell  Atlantic’s 
entry  into  long  distance. 

Ordinarily,  this  column  does  not  ex¬ 
cuse  carriers  for  buggy  systems.  But  sys¬ 
tems  development  and  government  reg¬ 
ulation  don’t  mesh  well.  At  some  point, 
Bell  Atlantic  has  to  get  this  version  of  its 
customer-change  order  system  to  the 
market. 

Yet  AT&T  would  like  to  make  sure 
that  Bell  Atlantic  must  perfectly  meet 
the  checklist  and  the  back-office  test 
and  who  knows  what  else  before  it 
gains  long-distance  authority.  It’s  as 
though  Microsoft  had  the  right  to  run  to 
a  Federal  Computer  Commission  to 
stop  Novell  from  releasing  NetWare  5, 
or  as  if  Novell  had  the  right  to  keep 
Windows  NT  4.0  off  the  market,  just 
because  someone  could  prove  it  wasn’t 
perfect. 

Meanwhile,  AT&T  has  launched  local 
frame  relay,  ATM  and  transparent  LAN- 
speed  services  to  compete  with  RBOCs. 
Eventually,  RBOCs  are  going  to  have  to 
be  allowed  to  do  the  reverse  —  intro¬ 
duce  long-distance  frame  relay,  ATM  and 
native  LAN-speed  wide-area  connections. 

AT&T  can  easily  argue  that  anything 
other  than  a  perfect  order-switching  sys¬ 
tem  is  dangerous.  As  a  matter  of  fact, 
many  analysts  are  going  to  caution  users 
against  initially  switching  to  local  carri¬ 
ers  that  don’t  own  fiber  anyway.  It’s  per¬ 
fectly  normal  for  users  to  wait  until 
technologies  mature.  But  before  we  can 
ever  get  to  full  and  open  competition, 
including  RBOC  long  distance,  the  gov¬ 
ernment  is  going  to  have  to  allow 
Version  1 .0  of  it  somewhere. 


Building  Your  Network  Is  Your  Business . . . 
Helping  You  Manage  It  Is  Ours 


1  -800-4-HARRIS  ext.  4703  •  407-727-9207  ext.  4703 


www.harris.com/communications 


Communications 


Free  Product  info  enter  NWInfoXpress  #4  online  @  www.networkworld.com/infoxpress 


Rohde  is  a  senior  editor  with  Net¬ 
work  World.  He  can  be  reached  at 
drohde@nww.com. 
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If  your  IT  Management  solution  fails, 
which  thank-you  gift  will  the  boss  be  sending  you? 
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Learn  why  OpenView  has  so  many  satisfied  customers: 


http://www.openview.hp.com 
or  call  1*800-785*3925 
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The  word  is  out.  Far  too  many  enterprise 
management  projects  don't  deliver.  So,  what's 
the  hang  up?  Recent  industry  analyst  studies 
reveal  that  most  major  framework 
implementations  take  too  much  time  and 
don't  deliver  ROI.  After  years  of  work,  only 


a  small  portion  of  purchased  functionality  is 
actually  implemented.  There  is  a  better  way. 


HP  OpenView  delivers  measurable,  proven 
results  quickly  and  completely.  A  new 
independent  head-to-head  lab  test*  revealed 
“HP  delivers  on  the  promise  of  integrated 
tools  to  solve  specific  problems...  Unlike 
PLATINUM,  CA  and  Tivoli,  HP  has  not 


overloaded  its  solution  with  a  common 
Framework...  HP's  generally  Flawless  solution 
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sets  the  mark  against  which  to  measure  all 

other  out-oF-the-box  Functionality”. 
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The  OpenView  approach  is  different  from 
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the  "leap  of  faith"  framework  approach. 


Target  your  most  pressing  problem  and 

;r 

solve  it  today. 
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HP  OpenView.  Reach  your  management 
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goals  without  getting  hung  in  the  process. 


HP  OpenView 


Works 


Right 


Now 


Attend  the  OpenView  Forum  &  Universe  Conference 


APRIL  12-16,  1999  HYNES  CONVENTION  CENTER.  BOSTON,  MASSACHUSETTS. 


VISIT  OUR  WEB  SITE  AT  www.openview99.com 
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'Source:  Network  Computing,  Syracuse  University  Reai-World  Labs'®,  1999 


We  re  gonna 

Network  like 


ANSWERS  to  the  challenges  you  face  TODAY. 


NetWorld+Interop,  the  definitive  networking  event  for  the 
enterprise  and  service  provider  market,  provides  knowledge 
you  can  use  today  because  what  you  know  now  is  critical 
to  your  success  tomorrow. 

With  four  conferences  and  75  sessions  designed  to  meet 
the  present-day  needs  of  enterprise,  service  provider  and 
reseller  professionals,  along  with  58  workshops  and  tutori¬ 
als,  and  an  interactive  show  floor  with  more  than  600  of  the 
world’s  foremost  vendors,  you’ll  gain  the  latest  information 
about  advanced  networking  and  telecommunications 
technologies. 


The  General  Conference  addresses  core  public  and  private 
networking  technologies  that  drive  the  industry,  while 
Community  and  the  Engineers  conferences  offer  more  spe¬ 
cific  insights  into  data,  voice  and  video.  And  providing  a 
unique  look  at  the  networking  and  telecommunications 
market  is  EXPO  COMM  the  international  leader  in  tele¬ 
communications  events,  making  its  debut  as  part  of 
NetWorld+Interop  in  1999. 

Nowhere  else  in  the  world  will  you  find  a  more  comprehen¬ 
sive,  up-to-the-minute  forum,  providing  in-depth  technical 
education  and  hands-on  evaluation  of  products  and  services 
than  NetWorld+Interop  and  EXPO  COMM  99  Las  Vegas. 


EXPO 

COMM 


NETW^RLB  INTEROP  99 

Conference  and  Exhibition  May  10-14,  1999  Las  Vegas 

Visit  www.interop.com  or  call  1-888-886-4057 


©1999  ZD  Events  Inc.  All  rights  reserved.  303  Vintage  Park  Drive,  Foster  City,  CA  94404 
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Vasco  Data  Security  Interna¬ 
tional  has  beefed  up  its  Digipass 
line  of  hardware-based  security 
tokens  with  two  new  models.  The 


Vasco's  Digipass  600  token 
beefs  up  security  on  nets. 


Digipass  600  is  a  dual-purpose 
token  for  network  access  and 
physical  entry  to  buildings.  The 
Digipass  700,  tailored  for  the  bank¬ 
ing  industry,  lets  users  conduct 
Internet-based  cash  management, 
online  trading  or  home  banking. 

Vasco:  (630)  932-8844 

Start-up  ArrowPoint  Commu¬ 
nications  got  a  much-needed 
boost  last  week  when  Hewlett- 
Packard  said  it  would  sell 
ArrowPoint's  Web  switches 
through  its  Covision  sales  divi¬ 
sion.  ArrowPoint  began  shipping 
its  second  product,  the  CS-800 
chassis-based  Content  Smart 
Web  switch,  last  month.  The  CS- 
800  and  the  modular  CS-100  are 
intelligent  server  load  balancers. 
They  can  balance  Web  traffic 
based  on  URLs  for  higher  granu¬ 
larity  than  Layer  4  information. 

Bright  Light  Technologies  of 

San  Francisco  has  signed  up 
Excite  and  Juno  for  its  now  20- 
member-strong  Global  Probe 
Network.  Global  Probe  partners 
set  up  special  e-mail  accounts  to 
trap  and  analyze  spam.  This 
information  is  used  to  update 
antispam  filters  in  the  Bright 
Mail  Anti-Spam  Service. 

Bright  Light:  (415)  905-5595 


CA  gains  strength  from  Platinum 


"The  combination  will 
allow  us  to  more  effec¬ 
tively  compete  with 
companies  like  BH/IC  in 
the  future." 

Sanjay  Kumar,  president,  Computer  Associates 


BY  JEFF  CARUSO 

Computer  Associates’  bid  to 
merge  with  Platinum  Technol¬ 
ogy  could  create  a  more  com¬ 
petitive  union  —  but  in  the  end,  the  ben¬ 
efits  to  IT  managers  will  be  modest. 

While  the  companies  have  emphasized 
the  “synergies”  between  them,  the  merger 
is  most  important  because  it  eliminates  a 
rival  for  CA,  bolsters  the  combined  com¬ 
pany  against  increased  competition  from 
BMC  Software  and  strengthens  Platinum’s 
financial  position.  CA  last  week  revealed 
it  plans  to  buy  Platinum  for  $3  5  billion. 

“The  combination  will  allow  us  to 
more  effectively  compete  with  compa¬ 
nies  like  BMC  in  the  future,”  says  Sanjay 
Kumar,  president  of  CA.  BMC  jumped  in 
size  last  year  when  it  acquired  Boole  & 
Babbage  for  $900  million,  combining  its 
application  management  software  with 
Boole  &  Babbage’s  event  management. 


PROFILE:  PLATINUM 
TECHNOLOGY 


Headquarters:  Oakbrook  Terrace,  III. 


For  CA,  that  acquisition  created  a  size¬ 
able  competitor,  strong  in  the  area  of  data¬ 
base  tools,  says  Paul  Mason,  an  analyst  at 
International  Data  Corp.The  CA/Platinum 
deal  “was  almost  inevitable  in  view  of  the 
change  in  the  competitive  landscape,”  he 
says.  If  the  merger  goes  through,  CA  gets 
Platinum’s  database  tools  and  data  ware¬ 
house  technology,  which  CA  plans  to 
combine  with  Jasmine,  its  object-oriented 
database,  and  other  technologies. 

However,  Plati¬ 
num’s  Provision 
systems  manage¬ 
ment  software  per¬ 
forms  functions 
that  seem  to  over¬ 
lap  with  those 
of  CA’s  Unicenter 
software. 

CA  and  Plati¬ 
num  currently  go 
after  the  same  mar¬ 
ket,  says  Richard 
Ptak,  an  analyst  at 
Hurwitz  Group. 
Ptak  says  the 
merger  “is  basical¬ 
ly  a  move  on  CA’s 


part  to  remove  a  rival.” 

For  Platinum,  the  merger  could  ease  its 
problems. The  company  lost  $2.5  million 
last  year  and  $106.1  million  in  1997.  In 
February  Platinum  laid  off  1 ,000  employ¬ 
ees,  about  15%  of  its  work  force. 

The  merger  creates  a  stronger  com¬ 
pany,  which  should  put  Platinum  users’ 
minds  at  ease,  says  Rick  Sturm,  principal 
of  the  Enterprise  Management  Institute. 
“It  takes  away  a  bit  of  a  cloud  that  was 
hanging  over  the  products,”  he  says. 

Further  layoffs  are  likely  as  the  com¬ 
panies  merge,  analysts  say.  CA’s  Kumar 
promises  to  retain  as  many  Platinum 
employees  as  possible. 

It  is  still  not  known  how  product  inte¬ 
gration  might  benefit  users,  says  John 
McConnell,  president  of  McConnell 
Associates,  in  Boulder,  Colo.  CA’s  neural 
network  agent  technology  could  be  com¬ 
bined  with  Platinum’s  products,  and 
Platinum’s  performance  management 
software  could  be  integrated  with  CA’s 
product  line,  he  says. 

CA  has  offered  to  buy  all  outstanding 
shares  of  Platinum  for  $29-25  per  share, 
and  CA  will  fund  the  transaction  via  a 
$4.5  billion  line  of  credit.  B 


Founded; 


1987 


Losses  (in  millions) 

PE5H 


Primary  business:  Management  software,  concentrating  on  systems, 
applications  and  databases 


CEO: 

Employees: 
Fun  fact: 


Andrew  "Flip"  Filipowski 
Approximately  5,000 


Platinum  announced  it  was  being  bought  by  CA 
on  the  same  day  that  Platinum  completed  its 
acquisition  of  security  software  vendor  Memco 
Software. 


BY  ELLEN  MESSMER 

WALTHAM,  MASS.  —  Network- 1 
Security  Solutions  later  this  month  will 
ship  CyberwallPlus-SV,  security  software 
that  turns  a  departmental  Windows  NT 
server  into  a  mini-firewall  and  intrusion- 
detection  monitor. 

When  loaded  onto  NT,  CyberwallPlus- 
SV  lets  managers  filter  multiple-protocol 
traffic  within  the  company’s  department 
and  thus  limit  user  access  to  appfications 
or  services.  CyberwallPlus-SV  can  also  rec¬ 
ognize  several  types  of  net  attacks  and 


take  measures  to  prevent  them. 

“The  intrusion-detection 
engine  can  detect  the  SYN 
flooding  attack  or  LAND  C,  for 
example,”  says  Avi  Fogel,  presi¬ 
dent  and  CEO  of  Network-1 . 

CyberwallPlus-SV  can  notify 
managers  of  what’s  known  as  a 
Ping  Sweep,  or  UDP  and  TCP 
port  scans.  Hackers  typically 
execute  these  types  of  scans 
before  breaking  into  networks. 

“It  just  about  installs  itself 
for  intranet  use,  so  you  can 


Network- 1  pitches  mini-firewall 


Network-Ts  Fogel 
says  the  software  can 
detect  and  prevent 
net  attacks. 


set  up  a  firewall  for  a  business  unit,”  says 
Mark  Edwards,  principal  at  security  con¬ 
sultant  NTShop.  Edwards  says  the  soft¬ 
ware  not  only  filters  TCP/IP-based  appli¬ 
cations,  such  as  Web,  mail 
and  news  applications,  but  it 
can  also  monitor  activity 
related  to  other  network 
protocols,  such  as  SNA  links, 
IPX  and  Digital  s  LAT. 

There  is  already  a  version 
of  CyberwallPlus  that  acts 
as  the  traditional  perimeter 
defense  between  the  Inter¬ 
net  and  a  corporate  LAN. 

CyberwallPlus-SV,  sched¬ 
uled  to  ship  by  May  1 ,  costs 
$1,995. 

Network- 1:  (781)  522-3400 
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How  Beyond.com  delivers  its  software  to  you 

Online  software  vendor  expands  its  reach  into  the  enterprise  market  with  some  help  from  content  management  software. 


BY  ROBIN 

SCHREIER  HOHMAN 

MAHWAH,  N.J.  —  Online 
software  vendor  Beyond.com 
has  quietly  penetrated  the 
enterprise,  using  Novadigm’s 
content  management  soft¬ 
ware  to  deliver  and  configure 
applications  for  thousands  of 
corporate  end  users. 

While  Beyond.com  is  most 
well-known  as  an  Internet- 
based  software  retailer  for 
consumers,  about  50%  of  its 
business  comes  from  govern¬ 
ment  and  corporate  users,  says 
Alan  DeClerck,  a  vice  presi¬ 
dent  at  Beyond.com.  The  com¬ 
pany  has  thousands  of  soft¬ 
ware  titles  available  and  serves 
thousands  of  customers. 

Working  with  Radia 

In  January,  Beyond.com 
started  using  Novadigm’s  Win¬ 
dows  NT-based  Radia  program 
to  help  manage  its  online  soft¬ 
ware  business.  The  company’s 
business  has  the  potential  to 
explode  as  more  users  get 
faster  network  access  via  cable 
modems,  digital  subscriber 
line  and  other  technologies. 

Beyond.com  is  using  Radia 
to  help  issue  licenses,  deliver 


software  to  customers  online 
and  issue  software  updates  to 
those  customers. 

When  a  customer  signs  up 
for  the  Beyond.com  service,  the 
vendor  delivers  a  customized 
Web  page  that  displays  all  of  the 
application  software  approved 
for  use  by  that  customer. 

On  the  back-end  Radia 
servers,  Beyond.com  main¬ 
tains  all  of  a  company’s  spe¬ 
cific  information,  including 
licensing  details,  delivery 
methods  and  software  dis¬ 
counts. 

Novadigm’s  software  is 
also  able  to  exchange  infor¬ 
mation  with  enterprise  re¬ 
source  planning  procurement 
packages,  such  as  Arriba,  to 
track  purchasing. 

Novadigm’s  Radia  software 
has  a  client  and  a  server  com¬ 
ponent.  In  fact,  when  a  person 
logs  on  to  the  corporate  page 
at  Beyond. corn’s  site,  the  indi¬ 
vidual  is  actually  communicat¬ 
ing  with  Radia.  The  first  time 
someone  logs  on,  the  server 
sends  down  the  Radia  client 
piece,  similar  to  the  way  plug¬ 
ins  are  downloaded. 

The  Radia  client  software 
then  talks  to  the  Radia  server 
to  determine  whether  an  appli¬ 


cation  should  be  sent  directly 
to  the  user’s  PC  or  to  a  Nov- 
adigm  Caching  Server.  The  NT- 
based  Caching  Server  is  an 
optional  Novadigm  product 
that  sits  on  the  customer’s  net¬ 
work  and  houses  applications 
offered  by  Beyond.com. 

Most  customers  choose  to 


have  the  software  sent  to 
the  Caching  Server  for  later 
companywide  installation, 
DeClerck  says. 

If  the  software  is  sent  to  the 
Caching  Server,  individuals 
seeking  a  download  are  trans¬ 
parently  redirected  to  the  IP 
address  of  the  server,  which 


delivers  the  software. 

The  software  package  on 
the  user’s  PC  is  then,  in 
Novadigm’s  words,  “update- 
aware.”  This  means  the  soft¬ 
ware  has  the  intelligence  to 
update  itself  when  notified  by 
the  Caching  Server  that  a  new 
version  is  available.  \jf 


Software  delivery  over  the  Internet 


Online  software  retailer  Beyond.com  uses  Novadigm  s  Radia  software  to  deliver  software  to 
corporations  over  the  Internet. 


©  Users  log  on  to  a  custom 
ized  corporate  page  on 
the  Beyond.com  Web  site 
and  choose  applications 
to  download. 


Internet 


©  Radia  software  on  Beyond.com  servers 
determines  whether  to  send  the 
applications  directly  to  the  user  or  to 
a  corporate  caching  server. 


Users  are  transparently 
redirected  to  the  caching 
server’s  IP  address, 
and  the  applications 
are  downloaded. 


'Net  Insider .  Scott  Bradner 

Christmas  in  March? 


A  dozen  years  ago,  IBM’s  corpo¬ 
rate  data  network  was  hit  with 
a  computer  virus  that  might  have 
been  the  direct  ancestor  of  the  Melissa 
micro  virus  that  is  now  providing 
managers  of  corporate  data  networks 
with  a  bit  of  diversion.  It  does  not 
seem  like  there  has  been  much  learn¬ 
ing  in  the  intervening  years. 

In  mid-December  1987,  a  German 
student  wrote  a  little  program  to 
draw  a  picture  of  a  Christmas  tree  on 
an  IBM  terminal  and  sent  it  to  some 
friends  in  an  e-mail  message.  But  this 
program  had  a  hidden  feature  in  that 
it  could  look  for  a  file  of  e-mail  aliases 
on  the  user’s  disk.  If  the  program 
found  such  a  file,  it  sent  copies  of 
itself  to  everyone  listed  in  the  file. 

If  some  of  the  entries  in  the  alias 
file  were  mailing  lists,  then  everyone 


on  the  lists  would  get  a  copy.  The 
exponential  explosion  in  the  number 
of  copies  of  the  message  quickly 
overwhelmed  e-mail  servers  wher¬ 
ever  the  message  propagated.  One  of 
those  places  was  the  IBM  corporate 
data  network,  which  had  to  be  shut 
down  for  a  number  of  hours  to  clear 
the  problem. 

If  this  sounds  familiar,  it  is  because 
the  Melissa  virus  that  showed  up  a 
few  weeks  ago  does  basically  the 
same  thing.  Melissa  has  one  addi¬ 
tional  feature  —  it  infects  the  user’s 
own  files.  So  if  the  user  subsequently 
sends  one  of  the  infected  files  to  a 
friend,  the  problem  starts  up  all  over 
again.  The  end  effect  has  been  the 
same  as  it  was  with  the  Christmas 
tree  program  —  many  corporate 
mail  servers  have  been  swamped 


and  several  large  companies  have 
had  to  disable  all  their  e-mail  sys¬ 
tems  for  a  time. 

The  two  viruses  exploit  the  same 
two  system  features.  First,  one  user 
can  e-mail  an  executable  file  to 
another  user,  written  in  an  IBM  script¬ 
ing  language  in  the  first  case  and 
Microsoft  Word  macros  in  the  second 
case.  Second,  users  in  IBM  and 
Microsoft  environments  tend  to  keep 
large  e-mail  alias  files. 

It’s  hard  to  determine  how  to  con¬ 
fine  the  ability  of  Word  macros  to  mod¬ 
ify  their  environment.  For  example,  I 
find  it  difficult  to  understand  why 
macros  are  permitted  to  modify  the 
security  protections  against  macros. 

Melissa  seems  to  be  benign,  with 
the  clogging  of  servers  its  major 
effect.  But  what  if  Melissa  twiddled 


every  millionth  bit  on  your  disk,  caus¬ 
ing  programs  to  randomly  fail  and 
data  to  be  corrupted? 

Word  and  other  program  macros 
have  been  the  vehicles  for  a  number 
of  recent  PC  viruses.  When  is 
Microsoft  going  to  learn  from  history 
and  get  serious  about  analyzing  the 
vulnerabilities  that  the  macro  feature 
adds  to  the  system?  When  is  Micro¬ 
soft  going  to  eliminate  the  vulnerabil¬ 
ities  once  and  for  all? 

Disclaimer:  History  is  one  thing 
that  Harvard  has  a  lot  of  and  some¬ 
times  learns  from,  but  the  above  is  my 
hist or>7  lesson. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@harvard.edu. 
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One  advantage  to  not 

having  old  technology. 


We  don’t  have  to  try  selling 


it  to  you. 


Unlike  communications  companies  that  have  been  around  forever,  we’re  not  stuck  with  an  outdated  network  we’ll  try 
dumping  on  you,  Whatever  you  need:  Frame  Relay,  ATM  or  IP,  Qwest  is  the  network  that  delivers  it  better.  Because 
Qwest  is  the  network  with  bandwidth  to  spare.  So  if  you’re  looking  for  a  better  return  on  your  IT  investments,  visit  us 
at  qwest.com  and  find  out  why  not  having  old  technology  can  work  to  your  advantage. 

ride  the  light 


Qwest 


Free  Product  info  enter  NWInfoXpress  #5  online  @  www.networkworld.com/infoxpress 


Enterprise  Applications  Special  Focus 


Lawsuit  tangles  J  ava 
in  a  web  of  confusion 


BY  JOHN  cox 

Eighteen  months  after  Sun  sued  Microsoft  over 
Java,  the  long-drawn-out  court  case  is  continu¬ 
ing  to  sow  confusion  and  reap  divisions  among 
corporate  software  developers. 

The  suit  claims  that  Microsoft  violated  a  Java 
licensing  agreement  by  changing  Java.  The 
changes,  built  into  products  such  as  Microsoft’s  Visual 
J++  tool  kit,  tie  the  finished  applications  tightly  to 
Windows  —  and  only  Windows  —  computers.  If  Sun 
wins  its  case,  Microsoft  may  have  to  completely 
revamp  the  tool  kit,  some  observers  say. 

But  resolution  may  be  at  hand.  The  compa¬ 
nies  planned  to  meet  privately  last  Thursday  — 
after  this  story  went  to  press  —  to  hammer  out 
a  settlement. 

Microsoft  has  already  made  other  moves  based 
on  the  suit  —  moves  that  add  confusion  rather 
than  clarity.  For  instance,  Microsoft  recently 
yanked  the  beta  version  of  Java  development 
tools  for  Windows  CE  from  the  company’s  Web 
site.  Microsoft  plans  to  issue  a  new  tool  kit,  based 
on  a  Java  Virtual  Machine  (JVM)  from  Hewlett- 
Packard,  but  the  company  hasn’t  said  when. 

“Some  of  my  clients  are  scared  to  use  any  Java 
product  until  the  lawsuit  is  settled,”  says  Erik 
Funkenbusch,  a  consultant  in  Saint  Paul,  Minn.  “I 
think  the  lawsuit  is  stunting  the  growth  and 
acceptance  of  Java.” 

If  that  is  true,  Sun’s  lawsuit  is  achieving  the 
exact  opposite  of  what  Sun  intended  in 
September  1997  when  the  company  filed  suit 
against  Microsoft  in  federal  district  court. 

Microsoft  licensed  Java  in  March  1996  and  created 
its  own  JVM,  which  in  effect  translates  Java  code  into 
something  an  underlying  operating  system  can  under¬ 
stand.  This  JVM  was  built  into  Microsoft’s  Internet 
Explorer  browser  and  the  Visual  J++  kit,  Microsoft’s 
most  important  Java  development  tool. 

But  instead  of  incorporating  Sun’s  Java  Native 


Burnt  Java 

Users  report  the  drawn-out  battle  is  having  the 
following  effects: 

•  The  future  of  Microsoft's  J++  development  tool  kit  is  uncertain. 

•  Users  are  stymied  in  writing  Windows  applications  in  Java. 

•  Some  users  are  holding  off  on  any  Java  development. 

•  The  Java  community  is  polarizing,  siding  with  Sun  or  Microsoft. 


Interface  (INI),  Microsoft  added  code  to  access  its 
Component  Object  Model  (COM)  and  the  underlying 
Windows  APIs.  It  also  created  a  set  of  extensions  to 
Java  for  a  set  of  reusable  Java  class  libraries,  called 
Windows  Foundation  Classes.  These  classes  handle 
interactions  between  Windows  graphical  user  inter- 


THE  JAVA  COMMUNITY 

As  Sun  and!  Microsoft 
continue  to  battle  it  out, 
Java  is  ensnared  in  the  fear 
surrounding  its  future . 


faces  and  the  underlying  Windows  operating  system. 

The  result  was  that  an  application  written  in  Java 
using  these  special  features  will  run  only  on  a  Windows 
computer,  instead  of  on  any  computer  that  hosts  a  JVM. 

Microsoft  also  delayed  or  refused  to  upgrade  its 
products  with  Sun’s  most  recent  additions  to  the  Java 
Development  Kit. 

Last  November,  the  court  issued  a  preliminary  in¬ 
junction  ordering  Microsoft  to  add  Sun’s  JN1  to  its  ver¬ 
sion  of  the  JVM  and  to  warn  developers  that  Win¬ 
dows-specific  features  were  being  litigated,  says  Bill 
Dunlap,  product  manager  for  Visual  J++. 

Microsoft  is  appealing  that  court  order,  arguing  that 
its  changes  are  completely  legal  under  its  Java  license. 
The  appeal  is  still  pending. 

The  jury  is  out 

Some  developers  believe  Microsoft’s  Java  extensions 
are  good  for  writing  Windows  applications.  But  others 
object  to  Microsoft’s  refusal  to  support  the 
full  Java  specification. 

“Personally,  I  think  Microsoft’s  native 
API  is  more  powerful  and  easier  to  use 
than  the  JN1,”  Funkenbusch  says. 

“The  changes  Microsoft  made  to  Java  are 
generally  well-designed,  and  they  clearly 


enhance  the  language,”  says  Douglas  Cook,  a  Web  spe¬ 
cialist  at  Brigham  Young  University  in  Provo,  Utah. 

And  Microsoft’s  native  COM  support  makes  it  much 
easier  to  add  complex  functions  to  Java  code,  while 
the  Windows  Foundation  Classes  make  it  easier  to 
design  complex  user  interfaces,  Cook  says. 

Developers  also  agree  that  using  these  functions 
chains  the  application  to  Windows.  Some  see  this  as  a 
benefit;  others  see  it  as  a  problem. 

“Windows  Foundation  Classes  force  developers  to 
use  a  very  non-Java-like  event  programming  model, 
one  that’s  inconsistent  with  Sun’s  Abstract 
Windowing  Tool  kit  implementation,”  says  Rick 
Bullotta,  vice  president  at  Lighthammer  Software 
Development  in  Malvern,  Penn. 

In  addition,  Microsoft’s  COM  and  Distributed 
COM  require  that  an  array  of  application  files  and 
configuration  information  be  kept  on  the  client, 
Bullotta  says. 

“That  creates  a  distribution  and  maintenance 
challenge,”  he  says.  “Plus,  that  information  tends  to 
be  very  version-sensitive  to  the  hundreds  of 
Windows  system  Dynamic  Link  Libraries  resident 
on  the  client.” 

By  contrast,  under  the  Java  model,  applica¬ 
tions  only  need  the  JVM  and  some  network  con¬ 
nectivity  code  on  the  client,  he  says. 

No  easy  verdict 

For  now,  there  is  no  easy  end  to  the  confusion 
in  the  Java  community. 

“The  future  of  Visual  J++  has  been  cast  in 
doubt,”  says  Daryl  Plummer,  an  analyst  at  Gartner 
Group. “If  the  court  ruling  comes  out  as  we 
expect  it  will,  Microsoft  will  have  to  completely 
revamp  that  product,”  he  says.  Gartner  Group  now  rec¬ 
ommends  that  its  corporate  clients  use  a  different  tool 
set  until  the  case  is  settled  and  Microsoft  outlines  its 
future  direction  for  Visual  J++. 

At  present,  Microsoft  will  only  describe  the  future 
in  vague  terms.  Visual  J++  manager  Dunlap  insists 
Microsoft  will  fight  hard  for  a  legal  victory,  but  he  says 
the  company  is  also  pursuing  other  options. 

Chief  among  Microsoft’s  options  is  building  its  own 
JVM  from  scratch,  as  HP  and  IBM  have  done. 

“  [If  you  build  your  own  JVM] ,  you  have  the  tech¬ 
nology  to  run  Java  code  and  you  also  have  the  free¬ 
dom  to  alter  the  product  in  any  way  you  want,” 
Dunlap  says. 

Java  may  be  too  big  for  Microsoft  to  ignore.  But 
Microsoft  is  too  big  for  the  Java  community'  to  ignore. 
Developers  simply  will  have  to  wait  to  see  how 
Microsoft  plans  to  support  the  Java  community.  3 
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The  Java  case 

A  brief  history  of  Microsoft's  relationship  with  Sun  and  Java. 

March  1996 

Microsoft  licenses  Java  from  Sun. 

September  1997 

Sun  sues  Microsoft,  alleging  violations  of  the  license  deal. 

March  1998 

Court  issues  temporary  restraining  order  against  Microsoft,  which  must  remove 
the  "Java  Compatible"  logo  from  some  products. 

November  1998 

Court  issues  preliminary  injunction:  Microsoft  ordered  to  support  some  Java 
features  not  previously  included  in  its  products. 

December  1998 

Microsoft  releases  new  version  of  its  Java  Virtual  Machine  for  Windows, 
with  the  required  changes. 

January  1999 

Microsoft  asks  U.S.  Appeals  Court  to  set  aside  the  November  ruling.  The 
appeal  is  pending. 
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Ask 


Dr  Intranet 


By  Steve 
Blass 

We  are  up¬ 
grading  our  WAN 
infrastructure  in 
order  to  expand 
our  intranet  capabili¬ 
ties.  On  the  network, 
we'll  have  roughly 
100  IBM  2210  routers  and,  at 
two  central  locations,  Cisco 
7507  routers.  We'll  be  using 
frame  relay  for  the  WAN  proto¬ 
col,  with  standards-based 
encapsulation  for  interoperabil¬ 
ity.  Each  remote  location  will 
receive  an  IBM  2210  router 
with  a  serial  interface  connect¬ 
ed  by  permanent  virtual  circuits 
(PVC)  to  the  central  sites.  We 
hope  you  can  help  us  with  sug¬ 
gestions  for  an  Open  Shortest 
Path  First  (OSPF)  design  model. 

Via  the  Internet 

I  suggest  segmenting  the 
WAN  into  100  OSPF  areas  that 
congregate  at  an  "Area  0" 
backbone.  This  will  allow  de¬ 
fault  routing  by  the  2210s  to  the 
core,  eliminating  the  need  to 
execute  the  SPF  algorithm.  As 
stub  areas,  the  2210s  won't 
carry  full  network  routing  tables, 
and  small  areas  provide  an 
extra  level  of  routing  protection. 
Because  routing  within  an  area 
is  protected  from  all  information 
outside  the  area,  if  one  remote 
net  goes  down,  only  Area  0 
needs  to  know.  You  also  get 
equal-cost  multipath  routing  for 
the  edge  nodes.  This  gives  each 
remote  site  redundant,  load-bal¬ 
ancing  PVCs  into  the  backbone. 

Some  good  Web  references 
on  OSPF  planning  are  RFC1245, 
RFC2328  and  the  OSPF  design 
white  paper  atwww.cisco.com/ 
u  n  i  ve  r  c  d/c  c/td/d  o  c/c  i  si  ntwk/ 
idg4/nd2003.htm. 

As  a  network  architect  at 
Sprint  Paranet  in  Houston, 

Blass  understands  the  strain  of 
developing  and  managing 
intranets.  Send  your  problems 
to  dr.intranet@paranet.com. 


Readying  copper  pipes  for  Gigabit  Ethernet 


UP  CLOSE 

Gigabit  Ethernet  wiring 


Gigabit  Ethernet  uses  all 
four  twisted  pairs  of 
Category  5  wire;  Fast 
Ethernet  uses  only  two 
twisted  pairs  of  Category 
5  wire,  this  is  one 
reason  why  Gigabit 
Ethernet  is  able  to  attain 
its  tenfold  bandwidth 
advantage  over  Fast 
Ethernet.  However,  Giga¬ 
bit  Ethernet's  higher- 
bandwidth  signaling 
requirements  result  in 
extra  sensitivity  to  some 
copper-wire  line 
conditions  that  can 


cause  transmission 
problems,  such  as: 


Fast  Ethernet 
connector 


Category  5  copper  wires 

uu. 

50M  50M  unused  unused 

bit/sec  bit/sec  pair  pair 

Total:  100M  bit/sec 


Gigabit  Ethernet 
connector 


Category  5  copper  wires 

UIMJU 

250M  250M  250M  250M 
bit/sec  bit/sec  bit/sec  bit/sec 

Total:  1G  bit/sec 


Return-loss,  or  echo: 

This  occurs  when  the  signal  is 
reflected  back  to  the  transmitter. 
Return  loss  is  frequently  caused 
by  impedance  mismatches  and 
is  typically  the  result  of  poor 
connectors.  The  higher  the 
signaling  frequency,  the  greater 
the  chance  of  such  reflections, 
or  echoes. 


Far-end  crosstalk  (FEXT): 

FEXT  occurs  when  signal 
leakage  from  adjoining  wire 
pairs  at  the  far  end  of  the 
transmitter  creates  electrical 
noise.  The  greater  the  number 
of  operating  pairs,  the  more 
likely  that  FEXT  might  occur. 
Too  much  of  this  noise  can 
likewise  corrupt  the  data. 


BY  KARL  PIEPER 
AND  BRUCE  TOLLEY 

As  Gigabit  Ethernet  moves  from 
the  LAN  backbone  to  the  desk¬ 
top,  many  network  executives 
are  faced  with  the  prospect  of  running 
the  high-speed  technology  over  twisted¬ 
pair  copper  wiring.  While  Category  5 
copper  is  nearly  ubiquitous  within 
today’s  networked  buildings,  most 
Gigabit  Ethernet  environments  have  been 
primarily  built  on  fiber  LAN  backbones. 

For  network  executives,  the  switch  to 
copper  presents  potential  perils.  For 
instance,  Gigabit  Ethernet  over  copper  — 
the  standard  lOOOBase-T  technology  — 
places  more  performance  demands  on 
the  Category  5  cable  than  Fast  Ethernet 
(100Base-TX)  traffic.  Fortunately,  simple 
industry  tests  are  available  to  determine 
whether  existing  Category  5  cable  can 
handle  the  extra  traffic. 

To  appreciate  why  testing  is  important, 
it’s  important  to  understand  how  Gigabit 
and  Fast  Ethernet  function  at  the  Open 
Systems  Interconnection  physical  layer  to 
translate  user  application  data  into  the 
electrical  pulses  necessary  for  network 
transmission.  Both  Ethernet  technologies 
use  special  encoding  schemes,  specified 
by  the  IEEE’s  Ethernet  committee,  that 
translate  application  data  into  unique  bit 
patterns  that  are  represented  by  plus  or 
minus  voltages.  This  encoding  is  used  to 
safeguard  the  data’s  reliable  transport  over 
physical  media. 

Fast  Ethernet  uses  a  three-level  encod¬ 
ing  scheme,  but  Gigabit  Ethernet  uses  a 
five-level  scheme.  This  five-level  scheme 
enables  Gigabit  Ethernet  to  carry  more 
data  with  each  pulse.  Also,  Fast  Ethernet 
needs  only  two  twisted  pairs  of  Category 
5  copper,  but  Gigabit  Ethernet  uses  all 
four  twisted  pairs.  Thus,  Gigabit  Ethernet 
is  able  to  attain  its  tenfold  bandwidth 
advantage  over  Fast  Ethernet  with  just  a 
twofold  increase  in  signaling  frequency. 

However,  Gigabit  Ethernet’s  higher 
bandwidth  signaling  requirements  over 
four  twisted  pairs  result  in  extra  sensi¬ 
tivity  to  some  copper-wire  line  condi¬ 
tions.  Two  conditions  in  particular  can 
impede  reliable  transmission  if  they 
exceed  certain  thresholds. 

The  first  condition  is  return-loss,  or 
echo.  This  occurs  when  a  signal  is  re¬ 
flected  back  to  the  transmitter.  Return- 
loss  is  often  caused  by  impedance  mis¬ 
matches  and  is  typically  the  fault  of  poor 
connectors. 


A  Gigabit  Ethernet  transmitter  sends 
and  receives  data  simultaneously  on  each 
of  the  four  wire  pairs;  too  much  return- 
loss  reflection  can  mask  or  modify  the 
return  signal,  thus  corrupting  the  data. 

The  second  condition  is  known  as  far- 
end  crosstalk  (FEXT).  Generally,  FEXT 
occurs  when  signal  leakage  from  adjoin¬ 
ing  wire  pairs  at  the  far  end  of  the  trans¬ 
mitter  creates  electrical  noise.The  greater 
the  number  of  operating  pairs,  the  more 
likely  that  FEXT  might  occur.Too  much  of 
this  noise  can  also  corrupt  the  data. 

The  IEEE  lOOOBase-T  Task  Force  and 
cabling  companies  estimate  that  more 
than  90%  of  currently  installed  Category 
5  cable  was  properly  installed,  in  accor¬ 
dance  with  the  1995  ANSI  specification. 
Category  5  will  support  the  lOOOBase-T 
standard.  Where  installation  was  substan¬ 
dard,  chances  are  any  failures  will  be 
caused  by  connectors  rather  than  cable. 

Tests  can  be  performed  by  cable  install¬ 
ers  or  net  managers  using  tools  from  ven¬ 
dors  such  as  Wavetek  and  Hewlett- 
Packard.The  tools  are  easy  to  use,  and  they 
return  “pass”  or  “fail”  ratings. 

Tests  that  reveal  problems  with  return- 
loss  or  FEXT  should  not  be  too  devastat¬ 
ing  to  network  managers  because  any 
problems  usually  occur  in  connectors 
rather  than  the  Category  5  wiring. 

Look  for  connector  problems  in  wiring 
closet  punch-down  blocks  and  desktop 


users’  wall  outlets.  Loose,  worn  or  abused 
wiring  can  cause  the  twisted  pair  to  un¬ 
twist  more  than  necessary.  The  greater  the 
distance  that  wires  run  parallel  to  one 
another,  the  greater  the  likelihood  that 
magnetic  fields  might  cause  impedance 
mismatches  or  induce  current  changes. 
For  example,  in  order  to  meet  current  Cat¬ 
egory  5  cabling  requirements,  the  untwist¬ 
ing  that  takes  place  where  cabling  is  ter¬ 
minated  to  connecting  hardware  should 
not  exceed  13  millimeters,  or  1/2  inch. 

Corrective  measures  in  the  lOOOBase-T 
draft  standard  include  switching  to  high- 
performance  patch  cables,  reducing  the 
number  of  connectors  in  the  link  or  refit¬ 
ting  some  or  all  of  the  connectors. 

With  new  installations,  managers  can 
choose  standards-based  Enhanced  Cat¬ 
egory  5  or  Category  6,  a  prestandard 
high-performance  cable  with  no  guaran¬ 
tee  of  multivendor  interoperability. 

Extending  Gigabit  Ethernet  to  Category 
5  cable  will  be  important  for  the  evolution 
of  high-bandwidth  LANs,  and  the  IEEE’s 
Ethernet  committee  designed  lOOOBase-T 
so  it  would  run  over  Category  5. 

Pieper  is  a  senior  product  manager 
for  3Com.  Tolley  is  vice-chair  of  the 
Gigabit  Ethernet  Alliance  and  manager 
of  business  development  for  3Com.  They 
can  be  reached  at  Karl_Pieper@3com. 
com  and  Bruce_Tolley@3com.com. 
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Technology  Update 


Gearhead  —  inside  the  network  machine  .  Mark  Gibbs 

Everything  you  didn’t  want  to  know  about  spam 


Do  you  really  need  the  statis¬ 
tics?  Of  course,  you  don’t,  but 
I  will  give  them  anyway.  The  volume 
of  Internet  e-mail  is  rising  at  a  near 
exponential  rate  and  is  expected  to 
hit  (hold  onto  your  seats)  around 
2,000,000,000,000  messages  this 
year.  Sometimes  it  seems  that  spam 
accounts  for  most  of  it. 

Now,  spam  has  been  discussed  ad 
nauseam  in  my  “Backspin”  column 
but  that’s  no  reason  why  “Gearhead” 
shouldn't  get  technical  about  the 
topic.  And  the  specific  issue  about 
spam  that  “Gearhead”  wishes  to 
examine  is  Simple  Mail  Transfer 
Protocol  relaying. 

SMTP  relaying,  the  routing  of  mes¬ 
sages  via  a  mail  server  running  SMTP, 
is  one  of  the  main  reasons  why  spam¬ 
mers  can  be  hard  to  find. 

The  problem  is  that  SMTP  servers 
have  little  knowledge  of  the  identity 
of  any  computer  that  is  asking  them 
to  accept  and  forward  messages. 

This  means  a  spammer  can  lie 
through  his  teeth  about  every  aspect 
of  the  origin  of  a  message  and  most 
SMTP  servers  will  happily  relay  that 
message  to  any  system  the  spammers 
want  to  address. This  is  a  problem. 


As  you  might  have  guessed,  SMTP 
(specified  in  IETF  RFC  821  and  822) 
is  a  pretty  simple  protocol.  SMTP  is 
the  sending  side  of  the  e-mail  equa¬ 
tion,  with  Post  Office  Protocol  (POP) 
and  Internet  Message  Access  Protocol 
(IMAP)  on  the  receiving  side. 

When  an  SMTP  server  is  asked  to 
accept  a  message,  the  sending  com¬ 
puter  (the  client)  conducts  a  “con¬ 
versation”  with  the  server.  Note  that 
the  server  doesn’t  know  if  it  is  talk¬ 
ing  with  an  e-mail  client  or  another 
SMTP  server. 

This  conversation  starts  when  the 
client  receives  a  status  message  from 
the  server  in  response  to  opening  the 
connection.  The  normal  message  is 
“220  <server_name>,”  which  means 
the  server  is  ready. 


In  response,  the  client  sends  the 
command  “HELO  <sender_name>,”  in 
which  <sender_name>  should  be  the 
domain  name  of  the  client. 

At  this  point,  you  might  be  say¬ 
ing  “Ah!  You  said  ‘should  be’  .  .  .  but 
how  does  the  server  know  that 
<sender_name>  is  the  client’s  real 
name?” 

The  answer  is  that  it  doesn’t. 
There’s  no  way  for  the  server  to 
determine  anything  concrete  about 
the  client’s  identity  except  by  using 
the  Domain  Name  System  and  doing 
a  reverse  lookup. 

A  reverse  lookup  takes  the 
sender’s  given  domain  name  and 
finds  out  if  the  IP  address  of  the 
incoming  connection  is  also  in  that 
domain.  The  problem  is  that  the 
incoming  message  might  be  from  an 
innocent  SMTP  server  that  is 
unknowingly  relaying  mail  for  a 
spammer. 

But  the  conversation  between  the 
client  and  server  has  yet  to  finish. 
Next,  the  sender  commands  “MAIL 
FROM  <user>@<host_name>”  to 
announce  the  author  of  the  message. 

Of  course,  this  address  could  also 
be  falsified,  so  not  much  intelligence 


can  be  gained  here.  But  the  next 
command  can  be  revealing.  It  is 
“RCPT  TO:<user>@<destination_ 
name>.” 

If  <destination_name>  isn’t  in  a 
domain  for  which  we  handle  mail, 
we  can  immediately  conclude  that 
the  server  is  being  asked  to  relay 
what  could  very  well  be  spam.  At 
this  point,  the  server  should  refuse 
the  message. 

The  Internet  Mail  Consortium 
conducted  a  survey  last  July  to  find 
out  how  many  mail  servers  allow 
relaying.  Surprisingly,  the  consor¬ 
tium  found  that  more  than  36%  of 
mail  servers  would  relay,  which  at 
least  was  down  from  56%  six 
months  earlier.  I  haven’t  seen  any 
new  figures. 

But  what  is  surprising  is  the  num¬ 
ber  of  servers  that  still  aren’t  config¬ 
ured  to  detect  relaying. 

See  my  Web  site  for  a  script  you 
can  use  to  test  your  own  (or  some¬ 
one  else’s)  server.  And  if  you  find 
that  your  server  relays,  make  sure 
you  fix  it  ASAP. 

Nonrelayed  messages  to  gearhead 
@gibbs.com. 


News,  tips  and 
tools  from  our 
Web  site 


MeMssaaftermatf 

Some  Fusion  risers  are 
upset,  not  with  whoever 
unleashed  the  Melissa  macro 
bug,  but  with  Microsoft, 
whose  software  the  virus  took 
advantage  of  to  spread  itself. 

"As  a  network  administra¬ 
tor,  I  am  getting  tired  of 
cleaning  up  after  their  prod¬ 
ucts,”  writes  one.  A  Novell 
user  got  a  little  smug: “No  we 
didn't  |get  hit].  We  use 
GroupWise  and  WordPerfect. 
But  boy  did  we  laugh!” 


What  do  you  think?  And 
are  you  trying  any  educa¬ 
tion  to  get  end  users  to  stop 
opening  all  those  attach¬ 
ments?  Come  online  and 
jump  into  the  discussion. 

DocFinder:  2329 

Ready,  set . . . 

OK,  you’ve  sent  out  a 
request  for  proposal  for  host¬ 
ing  your  Web  site.  You’ve 
selected  a  host.  And  now  it’s 
time  to  launch  that  puppy  ease  the  pain  of  developers 
into  cyberspace,  right? 

HF  mm  tm 


Not  so  fast.  In  the  latest 
installment  of  their  series  on 
selecting  an  ISP  The  Motley 
Fool’s  technical  gurus  discuss 
what  you  need  to  do  so  you 
don’t  fall  flat  on  your  face. 

The  gurus  have  sugges¬ 
tions  such  as  don’t  forget  to 
label  every  last  piece  of 
equipment  with  its  IP 
address  so  the  techies  at  the 
ISP  know  how  to  plug  X 
into  Y.  And  another  tip:  If  you 
try  to  save  shipping  charges 
by  hiring  a  company  you’ve 
never  heard  of  to  get  your 
server  from  the  manufacturer 
to  the  ISP,  think  again. 

DocFinder:  2328 

Download  of  the  week 

Admit  it:  Metatags  are  a 
pain  in  the,  well,  they’re  a  real 
pain  —  especially  because 
there  are  so  many  of  them  — 
and  so  many  documents  to 
apply  them  to. 

Tetranet  Software  hopes  to 


e,  right?  with  the  release  of  Metabot 

nwfus 


Pro  1.0,  a  spreadsheet-like 
tool  for  coding  metatags  into 
single  or  multiple  HTML  files. 
Metabot  allows  users  to  view, 
edit  and  insert  tags  into  their 
HTML  files. 

The  tool  supports  multiple 
metatag  standards,  including 
Dublin  Core  and  GILs.  Users 
can  also  create  custom 
metatags  as  well  and  scan 
existing  HTML  files  for 
metatag  data. 

A  15-day  trial  version  is 
available  for  Windows  95,  98 
and  NT  3.51  or  greater.  Get 
Metabot  Pro  1.0  and  other 
handy  Web  coding  tools  from 
our  Fusion  download  area. 

DocFinder:  2330 

Keeping  VPNs  running 

Ron  Nutter’s  Help  Desk  col¬ 
umn  last  week  on  WAN  ser¬ 
vice  guarantees  prompted  a 
discussion  of  ways  to  keep  a 
virtual  private  network  up 
and  running,  even  if  through 
slower  dial-up  connections 
(which  will  take  some  end- 


user  education  about  what 
“emergency  backup”  means, 
for  example,  no  streaming 
video).  See  some  user  tips, 
and  add  your  own. 

DocFinder:  233 1 

The  new  interactivity 

Online  Reporter  Sandra 
Gittlen  recently  took  up  Tae- 
Bo,  the  latest  fitness  craze 
from  the  West  Coast  that,  as 
far  as  we  can  tell,  involves  a 
lot  of  kicking  (but  what  do 
we  know  —  our  idea  of  exer¬ 
cise  is  constantly  clicking  on 
hyperlinks).  She’s  got  the 
video  and  everything.  But 
what  if  you  could  really  inter¬ 
act  with  the  video?  Gittlen 
discusses  her  interactive 
dream. 

DocFinder:  2333 

We  have  a  winner . . . 

In  our  latest  “Name  that 
’Toon”  contest,  that  is.  See  the 
winning  entry  and  all  the 
runners-up  online. 

DocFinder:  2334 
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CONTEMPLATING 
YOUR  NEXT  N 
TECHNOLOGY  MOVE? 


♦  TOWN  * 
MEETING 


1999  SEMINAR  TOUR 

New  York,  NY  •  June  2  Washington,  DC  *  June  29 

Boston,  MA  •  June  3  Atlanta,  GA  •  June  30 
Dallas,  TX  •  June  1 6  San  Francisco,  CA  •  July  1 2 

Chicago,  IL  •  June  17  Irvine,  CA  •  July  13 


PRESENTING  SPONSORS: 

IjKentpox-  =?  Sprint  Visual 

The  Network  Access  Company™  ™  NETWORKS* 


STATE  OF  THE  WAN: 

Maximizing  the  Potential  of 
Frame  Relay,  ATM  and 
Emerging  Network  Services 


LEARN  FROM  THE  LEADER 

The  era  of  expensive,  inflexible  leased-line  networks  is  over! 
So  what’s  your  next  move?  Public  Frame  Relay?  ATM  in  the 
backbone?  TCP/IP  everywhere? 

To  ensure  your  WAN  is  well  positioned  for  the  future, 
join  John  Gallant,  Editor  in  Chief  of  Network  World, 

Dr.  Jim  Metzler  and  Debra  Mielke,  two  leading  industry 
analysts  of  The  Metzler  Group  and  Associates,  and 
representatives  from  the  leading  WAN  vendors  for  State 
of  the  WAN.  Maximizing  the  Potential  of  Frame 
Relay,  ATM  and  Emerging  Network  Services. 
Together,  in  this  unique,  interactive  Town  Meeting  event, 
they  confront  the  issues  surrounding  the  ever-expanding 
areas  of  WAN  technology  and  network  services. 


You  will  leave  this  seminar  with  the  information 
you  need  to  build,  buy  and  manage  the  high¬ 
speed,  reliable  infrastructure  your  business 
applications  demand;  Intranets,  Extranets, 
E-commerce  and  more. 
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Attend  this  FREE  SEMINAR  and  get  the  answers  to 

your  most  pressing  WAN  management  questions: 

•  Compare  and  contrast  the  benefits  of  ATM, 

Frame  Relay  and  other  emerging  Wide  Area 
Networking  technologies  and  services 

•  Learn  to  lower  the  cost  of  operations  and  support 
by  effectively  placing  your  voice  traffic  over  data 
transmission  services 

•  Understand  Quality  of  Service  (QoS)  and  the 
requirements  for  providing  end-to-end  QoS 
including  equipment,  reporting  and  staffing 

•  Probe  vendor  executives  on  plans  for  product 
rollouts,  features  sets  and  product  support 


MODERATORS 

John  Gallant,  Editor  in  Chief,  Network  World 

Dr.  Jim  Metzler  and  Debra  Mielke, 

The  Metzler  Group  and  Associates 


REGISTRATION  IS  FREE!! 

For  more  details  and  a  complete  program  agenda,  call 

(8001643-4668  or  on  the  web 
www.nwfusion.com/townmeeting/wan 


EXHIBITING  SPONSORS: 


Eastern 

Research 


If  you  are  interested  in  presenting  and  exhibiting  sponsorship  opportunities, 
please  contact  Andrea  D'Amato  at  (508)  820-7520  or  adamato@nww.com 
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Editorial  Insights 

How  to  break  the 
vicious  cycle  of  firefighting 

The  gulf  is  widening  between  you  and 
the  providers  of  network  manage¬ 
ment  products.  While  vendors  urge 
customers  to  become  proactive  in 
managing  nets  and  counsel  you  to  embrace 
concepts  such  as  service-level  management,  you 
can't  achieve  those  goals 
because  you’re  so  busy  putting 
out  fires.  You  don't  have  the 
time  and  resources  required  to 
evolve  to  these  higher-level 
management  strategies  and  get 
ahead  of  the  problems  that 
plague  your  networks. 

It’s  a  vicious  cycle  that 
throttles  the  entire  industry. 
You  feel  hopeless,  and  vendors 
fret  because  they  can’t  sell 
you  new-fangled  tools  for  ser- 
!  vice  or  policy  management.  So  I  asked  vendors 
and  consultants  to  outline  some  relatively 
straightforward  steps  you  can  take  to  break  the 
cycle.  I  wanted  concrete  actions  you  can  take  to 
free  up  time  and  money  and  get  more  resources 
to  improve  network  management.  Here  are 
three  things  they  unanimously  agreed  upon: 

•  Implement  a  software  distribution  system. 
If  you’re  not  distributing  new  applications, 
j  upgrades  and  patches  electronically,  you’re 
wasting  time  and  money.  Get  out  of  the  busi¬ 
ness  of  physically  delivering  software  and  put 
your  staff  onto  more  important  jobs.  Combine 
software  distribution  with  license  management 
and  you  stand  to  save  even  more  dough. 

|  •  Focus  on  the  WAN  links.  You  spend  a  for¬ 

tune  on  WAN  links,  and  there  are  some  rela¬ 
tively  inexpensive  tools  that  will  let  you  moni¬ 
tor  WAN  usage  to  consolidate  links  or  to  find 
underused  —  or,  gasp,  unused  —  links.These 
tools  can  keep  your  service  providers  honest 
and  save  you  cold,  hard  cash  —  fast. 

•  Start  building  a  management  intranet.  Steal 
some  time  from  the  company’s  Web  gurus  and 
begin  to  build  a  central  management  informa¬ 
tion  repository  that  makes  it  easier  for  your 
staff  to  find  and  share  data.  Give  administrators 
browser-based  access  to  management  applica¬ 
tions  (most  vendors  offer  that)  and  links  to 
management  resources,  fixes  and  patches  on 
5  vendor  sites.  Put  up  forms  for  end  users  to 
report  problems  or  to  request  moves  and 
changes.  Put  up  FAQs  on  problems  and  solu¬ 
tions.  All  this  eases  the  strain  on  your  staff  and 
helps  you  respond  more  quickly  to  problems. 

With  the  time  and  money  you  save  using 
these  three  steps,  you  can  begin  to  explore 
more  service-oriented  approaches  to  manage¬ 
ment.  At  the  very  least,  you’ll  free  up  a  few 
hours  each  week  to  spend  with  your  kids. 

—  John  Gallant 
jgallant@nww.com 
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Reaction  counts 

I  greatly  appreciated  the  thorough  treatment 
you  gave  to  your  follow-up  investigation  of  last 
year’s  AT&T  frame  relay  outage  (“AT&T’s  big 
fix,”  March  22,  page  1).A11  of  us  in  the  industry 
must  learn  from  this  type  of  experience. 

One  of  the  most  important  aspects  of  a  net¬ 
work  failure  such  as  this  is  how  the  provider’s 
management  reacts  to  the  situation.  Judging 
from  your  article,  it  is  clear  to  me  that  AT&T’s  oper¬ 
ational  and  executive  managers  were  extremely 
attentive  to  the  needs  of  their  customers.  AT&T 
CEO  C.  Michael  Armstrong  showed  once  again  that 
leadership  emanates  from  the  top. 

Bruce  Elbert 

Senior  vice  president 

Hughes  Space  and  Communications 

International 

El  Segundo,  Calif. 

It’s  maddening 

Regarding  Mark  Gibbs’ “Backspin”  column  “Free 
speech  and  shouting  madmen”  (March  15,  page 
66):  If  a  madman  shouts  in  the  woods  with  no  one 
to  hear  him,  does  he  say  anything?  If  there  isn’t  a 
market,  sooner  or  later  the  madman  will  choose 
another  forum,  cease  and  desist,  or  find  another 
group  to  hate. 

While  we  cannot  legislate  madmen  out  of  exis¬ 
tence,  we  can,  through  education,  discourage  their 
proliferation.  I  would  like  to  see  tighter  controls  on 
the  use  of  unsolicited  e-mail.  Anything  beyond  that, 
however,  is  a  cause  for  concern. 

Ron  Williams 
Co-owner 

Turtle  Creek  Communications 
Palacios,  Texas 

The  Internet,  as  it  is  right  now,  contributes 
slowly  to  the  demise  of  civilization.  Big  claim? 
Maybe.  Civilization  is  a  collection  of  rules  and 
codes  of  behavior  accepted  by  the  majority  of  the 
people  living  in  a  society.  The  Internet  breaks  that 
down,  giving  a  disproportionate  voice  to  the  mar¬ 


ginalized  people  of  society.  On  the  Internet, 
we  can  ignore  most  of  the  “rules”  with  rela¬ 
tive  impunity.  We  don’t  have  to  negotiate  or 
compromise;  we  don’t  even  have  to  try  to  see 
the  other  person’s  side.  We  can  indulge  our 
feelings  of  entitlement  and  not  worry  about 
the  responsibilities  imposed  upon  us  by  our 
rights.  At  its  worst,  the  Internet  is  everything 
that  is  wrong  with  a  popular  democracy. 

Now  I  am  not  claiming  that  the  Internet 
created  these  conditions,  but  it  sure  is  helping 
to  accelerate  them.  People  need  to  learn  (again) 
that  having  rights  brings  responsibilities,  and  these 
responsibilities  can  be  very  heavy.  Maybe  we  need 
a  cultural  exchange  program  with  several  dictator¬ 
ships  to  teach  people  what  their  “rights”  really 
mean.Too  often  we  hear  the  cry  of  “I  deserve” 
without  any  thought  as  to  why.  Restoring  the 
power  that  public  shame  used  to  wield  would  not 
be  a  bad  idea  either. 

Are  software  vendors,  large  corporations  and 
activist  groups  the  right  ones  to  lead  us  in  these 
matters?  While  I  think  they  can  help,  I  think  a 
broader  societal  change  may  be  in  order.  But  we 
have  to  start  somewhere.  Support  your  local 
schools,  and  buy  every  kid  a  copy  of  Aristotle’s 
Ethics  or  at  least  The  Federalist  Papers. 

Joseph  Hayes 
New  York 

Critical  Y2K  date 

While  coordinating  my  company’s  Y2K  project, 
armed  with  the  critical  dates  of  9/9/1999, 1/1/2000, 
2/29/2000  and  3/1/2000, 1  suddenly  realized  that 
there  exists  another  critical  date  that  I  have  yet  to 
see  mentioned:  10/10/2000. 

What  is  so  special  about  this  date?  It’s  the  first 
date  that  can  be  described  by  no  less  than  10 
characters.  (While  12/31/99  and  a  number  of 
other  dates  also  seem  to  have  10  characters,  many 
programs  will  truncate  a  19XX  year  to  just  the  last 
two  digits.)  I  have  already  found  programs  that 
pass  all  of  the  standard  date  tests  just  fine,  but  fail 
this  test  because  of  nine-character  screen  or 
report  fields. 

Biff  Simpson 
Holyoke,  Mass. 


Send  letters  to  nwnews@nww.com  or  John 
Gallant,  editor  in  chief.  Network  World, 
161  Worcester  Road,  Framingham ,  MA 
01701.  Please  include  phone  number  and 
address  for  verification. 
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Network  Management  .  Richard  Ptak 

Tools  for  managing  the  new  enterprise 


Thanks  in  large  part  to  the  electronic  com¬ 
merce  explosion,  IT  managers  are  responsible 
for  a  complex  web  of  networks  consisting  of 
transiently  connected  communications 
devices,  servers  and  Internet-based  applica¬ 
tions.  You  may  find  yourself  responsible  for 
delivering  services  to  desktop  systems  of  which  you 
have  little  control,  with  no  knowledge  of  the  sys¬ 
tem’s  state  prior  to  the  connection. 

Managing  this  technical  infrastructure  with  its  myri¬ 
ad  components  is  a  multifaceted  challenge. Applica¬ 
tions  are  proliferating  that  have  bits  and  pieces  run¬ 
ning  across  multiple  platforms.You  need  to  be  able  to 
manage  not  only  the  configuration  of  these  applica¬ 
tions  but  also  the  total  network  performance.  Further¬ 
more,  in  order  to  diagnose  problems,  you  need  an  inte¬ 
grated,  end-to-end  view  of  the  network.  Fortunately, 
some  excellent  products  are  available  that  help  handle 
application  configuration  management  and  end-to-end 
performance  management,  testing  and  monitoring. 

For  example,  Intrasoft’s  KeyVision  (www.kvlabs. 
com)  provides  application  configuration  management 


on  Windows  platforms.  Agents  installed  on  managed 
desktops  and  servers  gather  dynamic  configuration 
data  to  describe  application,  operating  system  and 
network  services.  This  data  is  fed  to  a  central  reposi¬ 
tory  that  turns  it  into  useful  information  about  the 
applications,  the  machines  on  which  they’re  installed 
and  their  users.  You  can  use  this  information  to  tune 
the  application’s  performance,  plan  routine  mainte¬ 
nance  or  resolve  critical  component  failures. 

Network  Associates  (www.networkassociates.com) 
has  enhanced  its  Sniffer  Total  Network  Visibility  net¬ 
work  fault  and  performance  management  suite  for 
e-commerce  applications. The  enhanced  Sniffer  has 
three  notable  components.  Distributed  Sniffer  moni¬ 
tors  network  traffic,  directly  measures  actual 
response  times  of  e-commerce  transactions  and 
sends  alerts  based  on  both  failed  transactions  and 
performance  thresholds  being  exceeded.  Event 
Orchestrator  processes  alarms  by  escalating  them  to 
the  responsible  department  or  individual  via  trouble 
tickets.  And  Network  Informant  provides  standard 
reports  on  LAN  and  WAN  utilization,  including  ser¬ 


vice  provider  performance. 

Ganymede  Software  (www.ganymedesoftware. 
com)  offers  tools  that  provide  performance  monitor¬ 
ing  and  analysis.  Ganymede’s  Chariot  is  a  system 
for  testing  end-to-end  network  performance.  Agents 
residing  on  managed  devices  collect  and  report 
response  times  to  a  central  manager.  Ganymede 
also  offers  a  network  performance  monitoring  tool 
called  Pegasus,  which  provides  Web-based  reports  on 
response  times,  throughput  and  availability.  Pegasus 
automatically  tracks  performance  to  build  an  excep¬ 
tions  profile,  which  triggers  alerts  when  the  base¬ 
lines  are  violated. 

Choosing  the  right  tool  set  will  depend  on  your 
company’s  IT  goals,  existing  infrastructure,  skills  and 
organizational  issues. 

Ptak  is  vice  president  of  systems  and  application 
management  at  Hurwitz  Group ,  a  Framingham, 
Mass.,  analysis  firm  specializing  in  strategic  busi¬ 
ness  applications.  He  can  be  reached  at  rlptak@ 
hurwitz.com. 


The  Intelligent  Network  .  Mary  Petrosky 

MPLS  GROUP  SHOULD  UNITE  ON  ROUTING  APPROACH 


When  Cisco  brought  its  Tag  Switching  pro¬ 
posal  to  the  Internet  Engineering  Task 
Force  (IETF)  in  late  1996,  it  set  in  motion 
the  standardization  of  what  has  come  to  be 
called  Multi-protocol  Label  Switching 
(MPLS).  Now,  after  a  number  of  key  specifi¬ 
cations  have  been  finalized  and  implementations  are 
ready  to  roll  out  in  earnest,  a  split  in  the  MPLS  work¬ 
ing  group  over  a  key  stan¬ 
dard  could  slow  customer 
adoption  of  the  technology. 

MPLS  is  geared  primarily 
toward  service  providers 
and  carriers.  However,  it  also 
has  a  number  of  features 
that  will  benefit  enterprise 
customers,  regardless  of 
whether  they’re  using  public  or  private  WAN  ser¬ 
vices.  For  example,  MPLS  allows  for  traffic  engineer¬ 
ing,  which  should  translate  into  improved  through¬ 
put  and  fewer  outages  for  customers. 

As  currently  defined,  MPLS  is  a  shorthand  method 
for  IP  routing  based  on  labels. The  labels  can  be 
used  to  represent  hop-by-hop  or  explicit  routes  and 
to  indicate  quality-of-service  (QoS),  virtual  private 
network  and  other  types  of  information  that  affect 
how  a  given  type  of  traffic  (or  a  particular  cus¬ 
tomer’s  traffic)  is  carried  across  a  network. 

MPLS  can  operate  across  various  media,  and  the 
MPLS  working  group  to  date  has  standardized  the 
labels  to  be  used  on  frame  relay,  ATM  and  PPP  links, 
as  well  as  on  IEEE  802.3  LANs.  One  of  the  benefits 
of  MPLS  operating  over  frame  relay  and  ATM  is  that 
it  brings  the  any-to-any  connectivity  of  IP  to  these 


connection-oriented  technologies. This  capability  is 
key  to  AT&T’s  recently  announced  IP-enabled  frame 
relay.  By  adding  MPLS  software  to  its  core  ATM 
switches,  AT&T  will  allow  its  frame-relay  customers 
to  interconnect  multiple  sites  using  a  single  circuit, 
rather  than  having  to  provision  circuits  on  a  one-for- 
one  basis  to  each  connected  site. 

A  number  of  MPLS’  most  significant  benefits,  includ¬ 
ing  traffic  engineering  and  QoS  support,  hinge  on  its 
ability  to  support  explicit  routing.Today,  routing  proto¬ 
cols  pick  the  shortest  path  between  a  given  source 
and  destination,  regardless  of  whether  that  path  is 
overloaded.  With  explicit  routing,  service  providers 
can  pick  the  path  that  specific  traffic  traverses, 
enabling  video  traffic  to  take  a  low-latency  path. 

Unfortunately,  there  are  two  explicit  routing  camps 
within  the  MPLS  working  group.  One,  led  by  Cisco,  is 
promoting  the  use  of  a  reworked  version  of  the 
Resource  Reservation  Protocol  (RSVP)  to  support 
explicit  routing.The  other,  led  by  Nortel  Networks,  is 
backing  the  use  of  extensions  to  the  Label  Distribu¬ 
tion  Protocol  (LDP),  which  the  MPLS  working  group 
has  already  approved  for  hop-by-hop  routing. 

Cisco  already  sells  an  implementation  of  explicit 


routing  based  on  RSVP  as  part  of  its  prestandard 
MPLS  offering,  which  began  shipping  about  a  year 
ago  under  the  Tag  Switching  banner.  Likewise, 
Juniper  Networks,  another  supporter  of  the  RSVP 
approach,  has  been  shipping  a  prestandard  imple¬ 
mentation  of  MPLS  with  RSVP  support  for  some 
months.  Cisco  anticipates  that  vendors  will  begin 
interoperability  testing  of  the  RSVP  approach  in  the 
coming  months. 

For  its  part,  Nortel,  with  Ericsson  and  General 
DataComm,  late  last  year  completed  interoperability 
testing  of  its  approach,  known  as  Constraint-Based 
Routing  using  LDP  (CR-LDP).  Nortel  also  recently  an¬ 
nounced  it  will  provide  other  vendors  with  source 
code  to  a  key  part  of  its  CR-LDP  implementation  for 
free.  Nortel’s  move  should  speed  vendor  deploy¬ 
ments  of  CR-LDP. 

At  this  time,  the  MPLS  working  group  is  proceed¬ 
ing  with  both  approaches.  While  choice  is  often  a 
positive  thing,  there’s  questionable  value  in  having 
two  standards  that  address  the  same  problem. 

Clearly  there  will  be  serious  interoperability  issues. 
Likewise,  many  vendors  will  find  themselves  bur¬ 
dened  with  implementing  both  sets  of  protocols. 

Vendors  expect  the  market  to  decide  which 
approach  will  succeed.  While  that’s  a  democratic  atti¬ 
tude,  past  experience  has  shown  that  customers  often 
postpone  adopting  new  technologies  in  the  face  of 
uncertainty.  Given  MPLS’  potential  benefits,  it  would 
be  a  shame  if  its  deployment  were  slowed  for  lack  of 
agreement  on  a  single  explicit  routing  approach. 

Petrosky  is  an  independent  technology  analyst 
in  San  Mateo,  Calif.  She  can  be  reached  at 
mary@mpetrosky  com. 
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Your  customers,  business  partners, 
and  competitors  already  have  one. 

Shouldn't  you? 


Michael  Johnson,  CIO,  A.T.  Kearney 
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DRIVING  A 
HARD  BARGAIN 

Walk  away  from  the  negotiating  table  with 
world-class  telecom  contract  pricing  and  terms. 


BY  BRETT  MACHTIG 

our  company  may  already  have  a  better 
than  average  telecom  contract,  but 
chances  are  you  can  still  do  better.  Even 
a  small  difference  in  service  rates  can 
add  up  to  millions  of  dollars  in  savings 
per  year. 

If  a  Fortune  500  manufacturer  can  save 
30%  on  telecom  costs  by  renegotiating  its 
contract,  that  same  firm  would  need  to 
increase  sales  by  as  much  as  10%  to 
achieve  the  same  incremental  profit,  says 
Hank  Levine,  a  partner  of  Levine,  Blaszak, 


Block  &  Boothby,  a  law  firm  in  Washington,  D.C. 

But  the  best  deals  aren’t  necessarily  reserved  for 
the  largest  players. Volume  commitment  has  little  to 
do  with  the  telecom  pricing  a  company  receives, 
according  to  a  study  by  Deloitte  Consulting.  In  the 
study,  the  two  companies  with  the  best  contract  pric¬ 
ing  had  a  minimum  annual  commitment  of  around 
$20  million,  while  firms  with  commitments  of  up  to 
$30  million  were  among  the  companies  paying  the 
highest  overall  rates. 

No  matter  the  size  of  your  telecom  contract,  this 
guide  will  point  out  common  mistakes  to  avoid  and 
show  you  how  to  get  the  best  possible  telecom 
prices  and  terms.  Good  luck  negotiating. 


Machtig  is  an  executive  vice  president  at  Tel- 
wares,  a  Destin,  Fla.,  telecom  procurement  and 
negotiation  services  firm.  He 
has  authored  several  best-sell¬ 
ing  books  and  special  reports, 
including  “How  Fortune  500 
Companies  Can  Improve 
Telecom  Contract  Prices  and 
Terms.” Machtig  can  be  reached 
at  machtigl@aol.com  or  (612) 
325-9999. 


Knowledge  is  power 


Before  you  try  to  swing  a  better  deal,  you’ve 
got  to  know  where  you  stand.There  are 
five  ways  to  measure  the  competitiveness 
of  a  proposed  telecom  contract.  Each 
method  has  its  limitations,  so  experts  sug¬ 
gest  using  a  combination  of  tools  to  cover  your  bases. 

1.  Tariff  or  benchmarking  services.  These  are  rela¬ 
tively  inexpensive  sources  of  data,  but  the  downside  is 
that  tariff  information  is  hard,  if  not  impossible,  to  inter- 
pret.Tariffs  are  provided  in  aggre¬ 
gate,  making  it  difficult  to  perform 
a  side-by-side  comparison.There  is 
also  a  filing  lag  of  up  to  six 
months  with  some  carriers,  so 
these  services  provide  only  histor¬ 
ical  prices  at  best. 

The  contracts  you  want  are  the 
ones  carriers  don’t  want  you  to 
know  about,  so  sometimes  they 
hide  the  most  attractive  contracts 
by  filing  multiple  tariffs  to  repre¬ 
sent  the  entire  deal. This  practice 
is  called  tariff  stacking.  Because 
carriers  file  tariffs  by  number  and 
not  by  customer  name,  it’s  diffi¬ 
cult  to  find  these  hidden  gems. 

2.  Requests  for  proposal  (RFP).  An  REP  should  moti¬ 
vate  all  potential  bidders  to  submit  their  best  prices 
and  terms,  but  there  are  many  reasons  why  this  does 
not  usually  happen: 

■  Carriers  bid  to  protect  their  own  interests. 


■  Some  network  managers  and  corporate  in-house 
legal  departments  ask  for  onerous  terms  and  condi¬ 
tions  that  raise  the  carrier’s  perception  of  risk  and  thus 
raise  bottom-line  costs. 

■  An  RFP  is  just  the  first  step  in  negotiations. 

■The  incumbent  carrier’s  account  team  must 

believe  it  has  a  realistic  chance  of  loss  or  hope  for  gain 
when  entering  repricing  negotiations.  Otherwise,  the 
team  will  not  provide  a  competitive  bid.  Alternative  car¬ 
riers  must  also  believe  they  have 
a  chance  to  win  your  business. 

3.  Carrier-provided  price  com¬ 
parisons.  Carriers  specifically  cre¬ 
ate  these  customer  lists  to  justify 
their  higher  rates. 

4.  Third  parties.  Outside  tele¬ 
com  negotiators,  legal  firms, 
accounting  firms  and  consulting 
companies  all  may  specialize  in 
telecom  repricing. These  firms 
vary  from  one-person  consulting 
companies  to  larger  firms  that 
can  handle  the  entire  RFP 
process.The  benefit  of  the  more 
sophisticated  firms  is  they  have 

experience  with  a  broader  range  of  deals.  Some  firms 
provide  performance  guarantees  and  others  charge  on 
a  fixed  fee  or  hourly  basis. 

However,  each  consultant  has  expertise  in  a  specific 
field,  so  you  may  need  to  hire  more  than  one. 

5.  Internal  telecom  departments.  Most  large  firms 


have  telecom  or  procurement  departments  that  han¬ 
dle  negotiations  and  repricing.  However,  using  in- 
house  departments  has  three  drawbacks: 

■  Because  employees  were  involved  in  negotiating 
the  existing  deals,  it’s  hard  for  them  to  set  aside  their 
loyalty  and  pride  of  ownership  to  get  a  proper  per¬ 
spective  on  new  deals. 

■  Their  experiences  might  be  confined  to  the  nego¬ 
tiations  they  had  with  a  single  regional  account  team, 
limiting  their  frames  of  reference. 

■  Employees  are  charged  with  doing  everything  they 
can  to  improve  the  bottom  line,  so  when  the  incum¬ 
bent  carrier  offers  a  better  rate,  it’s  hard  to  decline  it. 
However,  the  firm  may  still  be  paying  considerably 
more  than  current  market  prices.  \A 


How  contracts  stack  up 

Although  most  network  executives  believe  their 
firm's  telecom  contracts  are  better  than  or  equal 
to  their  peers',  the  reality  is  quite  different. 


World-class 
5% 

Above 
average 
10% 


Poor 

—  5% 

Below 

average 

10% 


SOURCE  BRETT  MACHTIG.  *H0W  FORTUNE  500  COMPANIES  CAN 
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Unless  you  just  signed  a  new  contract, 
now  is  almost  always  an  appropriate 
time  to  seek  better  prices  and  terms. 
However,  the  ideal  time  to  renegoti¬ 
ate  varies  on  how  long  the  contract 
has  been  in  effect. There  are  four  distinct  phases  to 
a  contract’s  life  span. 

Phase  One  begins  when  the  agreement  is  signed 
and  runs  six  months  into  the  contract. This  is 
usually  a  bad  time  for  repricing  because  the  short 
duration  of  the  new  deal  provides  no  negotiation 
leverage. 

Typically,  you  don’t  need  to  take  action  in  this 
phase,  but  if  your  company  undergoes  a  merger  or 
acquisition,  this  might  give  you  repricing  leverage. 

The  care  and  feeding  of  a  contract 


Phase  Two  begins  about  seven  months  into  the 
contract  and  continues  until  12  months  before  the 
end  of  the  contract. There  are  two  reasons  to  initi¬ 
ate  repricing  during  this  phase. The  first  reason  is  a 
change  in  your  telecom  usage  due  to  a  merger, 
acquisition  or  rapid  growth.  In  this  scenario,  you 
have  something  the  carrier  wants  —  more  commit¬ 
ted  business. 

The  second  reason  to  reprice  involves  external 
circumstances,  such  as  regulatory  changes,  com¬ 
petitive  pricing  pressures  or  technological 
advances. 

Benchmark  your  tariffs  every  six  to  12  months. 
Keep  in  mind  that  carriers  are  more  motivated  by 
the  fear  of  loss  than  the  hope  of  gain,  so  you  won’t 

get  the  best 
prices  unless 
there’s  a  genuine 
perceived  threat 
of  lost  business. 

Phase  Three 
lasts  from  12  to 
six  months  before 
the  expiration 
date  of  the  con¬ 
tract.  This  is  the 
ideal  time  to 
begin  the  pro¬ 
curement  cycle 
because  it  gives 


you  enough  time  to  solicit  requests  for  proposal 
(RFP)  from  all  potential  carriers  and  switch  to  a  new 
carrier  if  necessary. 

In  this  phase,  the  carrier’s  strategy  is  to  give  you 
better  rates  only  if  you  commit  more  business  or 
extend  the  contract  duration,  even  if  the  carrier  is 
contractually  obligated  to  give  you  better  rates. 

Phase  Four  covers  the  last  five  months  of  the 
contract. At  this  point,  you  have  waited  too  long  to 
get  the  most  from  an  RFP.  If  you  let  your  deal 
expire,  your  incumbent  carrier  can  threaten  to 
revert  you  to  full  tariff  pricing,  which  could  repre¬ 
sent  as  much  as  a  75%  price  increase. 

If  your  contract  is  at  this  stage,  consider  hiring  a 
consulting  firm  to  expedite  the  RFP.  3 


Follow  these  general  guidelines  for  determining  what  you  should  be  doing  throughout  the 
four  phases  of  a  voice  or  data  telecom  contract's  lifespan. 

Contract  phase  Phase  One  Phase  Two  Phase  Three  Phase  Four 

Timeframe  From  signing  to  six  From  seven  months  to  From  12  to  six  months  Five  months  until  the 

months  into  a  contract  12  months  until  the  until  the  end  of  the  end  of  the  contract 

end  of  the  contract  contract 


Buyer  action  Implement;  wait  to  Reprice  as  oppor  Begin  the  formal  RFP  Scramble;  too  late  for 
reprice  tunities  arise  process  maximum  leverage 

SOURCE  BRETT  MACHTIG.  'HOW  FORTUNE  500  COMPANIES  CAN  IMPROVE  TELECOM  CONTRACT  PRICES  AND  TERMS.’ 


RFP  pointers 

There  are  four  steps  to  soliciting  and 

choosing  a  telecom  contract  proposal: 
data  collection;  request  for  proposal 
(RFP)  development  and  issuance;  pro¬ 
posal  evaluations;  and  contract  negotia¬ 
tions  and  implementation. The  whole  procurement 
cycle  typically  takes  anywhere  from  90  days  to  nine 
months  to  complete,  but  the  following  tips  will 
make  the  task  go  more  smoothly. 

Data  collection.  This  is  the  stage  in  which  you  deter¬ 
mine  your  company’s  telecom  volume  and  service  mix. 

■  Ask  your  carrier  for  high-level  consolidated  usage 
reports  and  statements  on  CD-ROM. These  reports 
help  a  consultant  recommend  the  most  cost-effective 
configuration  to  bid  out  to  potential  providers. 

■  Don’t  assume  your  carrier  billing  information  is 
accurate  —  check  it  first  and  correct  it  if  necessary. 

■  Familiarize  yourself  with  changes  in  telecom 
technology'  that  can  bring  you  savings.  For  example, 
many  new  digital  cellular  phone  contracts  don’t 
include  long-distance  or  roaming  charges. 

■  Collect  information  from  all  levels  of  your  compa¬ 
ny'.  Steve  Shea  of  Deloitte  Consulting  relates  how  one 
client  thought  it  was  spending  approximately  $6  mil¬ 
lion  with  a  particular  carrier,  but  further  research  found 
the  company  actually  spent  more  than  $10  million.This 
40%  difference  can  greatly  affect  your  leverage. 

RFP  development  and  issuance.  The  RFP  is  a  docu¬ 
ment  that  spells  out  your  service  requirements  and 
gives  potential  carriers  the  information  they  need  to 


prepare  a  bid. 

■  Be  sure  to  consider  all  potential  providers, 
including  second-  and  third-tier  carriers. 

■  Remember  that  the  purpose  of  an  RFP  is  to  initi¬ 
ate  negotiations.  Wait  until  you  lock  in  good  prices 
before  you  bring  in  key  terms  and  conditions. 
Pushing  for  heavy  service  levels  early  on  will  just 
result  in  high  prices. 

■  Don’t  request  proposals  from  carriers  you  don’t 
intend  to  do  business  with  —  this  wastes  your  time 
and  theirs. 

Proposal  evaluations.  Here  is  the  point  at  which 
you’ll  analyze,  rank  and  evaluate  carriers’  responses 
for  cost  and  capability,  narrowing  the  selection  until 
you  choose  a  provider. 

■  Mandate  that  carriers  submit  responses  in  a  way 


that  allows  an  apples-to-apples  comparison. 

■  Be  aware  of  the  four  biggest  carrier  lies,  warns 
Hank  Levine  of  Levine,  Blaszak,  Block  &  Boothby,  a 
Washington,  D.C.  law  firm.These  are: ‘I  can’t  change 
that;  it’s  in  the  tariff;’  ‘Oh,  no!  I  won’t  go  over  your 
head;’ Our  RFP  response  is  our  best  and  final  offer;’ 
and  ‘The  Federal  Communications  Commission  made 
us  pass  along  the  Gore  tax:  If  we  didn’t,  we’d  lose  bil- 
lions.’The  truth  is,  almost  any  part  of  your  deal  can  be 
changed. 

■  Make  sure  you  get  a  rate-stabilization  clause  in 
the  contract,  or  the  competitive  prices  you’re  getting 
could  quickly  disappear  a  few  months  after  you  sign. 

■  Don’t  trust  carriers’  savings  projections.  In  one 
instance,  a  carrier  overestimated  the  savings  of  a  $10 
million  deal  by  $  1  million  because  it  used  inaccurate 
traffic  growth  projections,  according  to  Shea.Test 
each  assumption  for  accuracy  and  verify  the  pricing 
algorithms  used. 

■  Evaluate  the  volume  commitment  the  carrier  out¬ 
lines  and  the  risk  associated  with  failing  to  meet  it. 

Contract  negotiations  and  implementation.  At  this 
point,  you  create  a  contract  and  implementation  plan 
with  your  chosen  carrier. 

■  Understand  all  the  ramifications  and  nuances  of 
the  contract,  or  ask  a  professional  to  review  it.  Many 
of  the  “gotchas”  are  transparent  because  carries  have 
omitted  a  key  clause,  while  some  are  explicit,  as  in 
escalator  clauses.  One  type  of  escalator  clause  resets 
your  minimum  annual  commitment  based  on  a  per¬ 
centage  of  your  prior-year’s  usage  or  a  set  dollar 
amount,  whichever  is  greater. The  result  is  that  your 
firm  loses  one  of  its  biggest  future  leverage  points. 

■  Ensure  the  carrier  outlines  all  terms  and  condi¬ 
tions  noted  in  the  contract  as  part  of  the  tariff  it  files 
to  the  FCC.  3 
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Negotiation  tips 


Now  that  you’re  familiar 
with  the  strategy  for 
securing  the  best  possi¬ 
ble  service  and  savings, 
remember  to  apply 

these  key  points  whenever  you  negoti¬ 
ate  with  carriers. 

1 .  Reprice  your  telecom  contract  at 
least  every'  six  to  12  months.  For  exam¬ 
ple,  an  $18  billion  firm  saved  $10  mil¬ 
lion  on  its  telecom  contract  by'  repric¬ 
ing,  which  translates  into  a  5%  increase 
in  profit. 

2.  Maintain  flexibility.  If  you  are 
overcommitted  in  certain  aspects  of  a 
contract,  you  can  often  substitute 
other  telecom  services  to  meet  a  car¬ 
rier's  usage  requirements. 

3.  Give  your  company  at  least  eight 


to  1 2  months  before  your  telecom 
contract  ends  to  get  through  the 
request  for  proposal  process  and 
potentially  switch  to  a  new  carrier. 

4.  Don’t  take  cash  upfront  for  con¬ 
tract  extension  offers  without  doing  a 
full  analysis  of  its  impact  over  an 
extended  period.  Many  experts  pre¬ 
dict  dramatic  shifts  in  pricing  as  local 
exchange  carriers  begin  to  compete 
in  the  long-distance  markets,  so  a  con¬ 
tract  extension  could  cost  you  money 
in  the  long  run. 

5.  Put  a  “stewardship”  or  a  rate- 


review  clause  in  the  contract  that 
gives  your  company  the  right  to  adjust 
your  contract  pricing  so  it’s  in  line 


with  current  market  prices. 

6.  Hire  outside  experts  who  are  reg¬ 
ularly  involved  in  the  telecom  contract 
negotiation  process  rather  than  relying 
solely  upon  vour  internal  department's 
limited  frame  of  reference. 

7.  Don’t  agree  to  automatic  mini¬ 
mum  annual  commitment  increases. 


8.  Don’t  rule  out  second-  and  third 
tier  providers:  these  carriers  have 
really  improved  the  quality  of  their 
services. 

9.  Don’t  let  your  internal  telecom 
team  get  caught  up  in  justifying  the 
current  deal.  Instead,  rew  ard  the  team 
for  improving  it.  A 
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Register  today  for  the  seminar  nearest  you! 

Your  registration  fee  of  $995  includes: 

Two-day  seminar,  comprehensive  seminar  workbook,  copy  of 
best-selling  Handbook  of  Communications  Systems  and  Networks 
by  course  presenter  Ray  Horak,  and  continental  breakfast, 
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PROGRAM  OVERVIEW 

The  networked  world  is  growing  ever  more  complex.  Each  new 
technology  promises  to  fill  a  specific  need  with  greater  speed, 
better  quality  and  at  lower  cost.  Each  brings  with  it  a 
bewildering  array  of  new  terms  and  acronyms  ...  a  new 
language,  in  effect. The  result  is  confusion. 

Essentials  of  Network  Technologies  ...  and  their  Practical 
Applications  cuts  through  the  maze  of  jargon  across  the  LAN, 
MAN  and  WAN  domains.This  updated  seminar  is  a  dynamic. 
plain-English,  common-sense  and  thoroughly  understandable 
explanation  of  current  and  developing  communications 
systems  and  networks.  Acronyms  are  decoded,  technologies 
demystified,  standards  put  into  perspective  and  trends 
explored.  Step-by-step  and  technology-by-technology,  the 
present  and  future  networked  world  is  set  in  the  context  of 
meaningful  and  cost-effective  business  applications. 

Whether  you  need  a  firm  understanding  of  networking 
technologies  and  their  application,  or  a  comprehensive 
update  of  current  developments,  this  invaluable  seminar  will 
meet  your  needs.  Interactive  case  studies  are  interwoven 
throughout  in  order  to  illustrate  the  practical  application 
...  or  lack  thereof  ...  of  the  technologies  presented. 

KEY  BENEFITS  OF  ATTENDING 

Grasp  the  fundamentals  of  transmission  systems  from  analog 
to  digital,  from  twisted  pair  through  fiber  optics  and  from 
wired  through  wireless 

Explore  carrier  options  such  as  ILECs,  CAPs.  CLECs 
and  IXCs 

Understand  the  access  and  transport  technologies,  from 
X.25  through  T-Carrier.  ISDN.  ADSL.  RADSL.  IDSL.WLL 
and  SONET 

Get  a  handle  on  LAN  networking:  Bridges.  Hubs,  Switches 
and  Routers 

Understand  Voice  over  Frame  and  Voice  over  IP:  Does  it  make 
sense  to  talk  over  your  data  network? 


WHO  SHOULD  ATTEND 

•  Those  new  to  networking  and  seeking  a  firm  foundation 

•  IS  professionals  requiring  an  overview  of  communications 
fundamentals  and  trends 

•  Nontechnical  professionals  in  the  disciplines  of  law. 
education,  finance,  marketing  and  public  relations 

•  Decision  makers  seeking  a  big-picture  perspective  of 
broadband  and  high-performance  networks  ...  in  plain  English 


QN-SiTfe  v  : 

If  you  are  interested  in  having  this  seminar 
customized  and  taught  on-site  at  your  company, 
please  call  Bill  Bernardi  at  (508)  820-7506. 


(800)643-4668 

www.nwfusion.com/ seminars 
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BY  JOHN  BASS, 

NETWORK  WORLD  TEST  ALLIANCE 

lien  Compaq  introduced  the  Pro¬ 
Liant  6500,  it  was  powered  by  the 
Pentium  Pro  CPU.  Now  that  Xeon  is 
king  of  the  CPU  hill,  Compaq  has 
upgraded  the  6500.  Priced  at 
$24,525,  the  revised  6500  is  an 
enterprise  server  that  is  a  good  bang 
for  the  buck. 

The  soul  of  the  machine  is  its 
four  450-MHz  Pentium  II  Xeon 
processors,  each  with  2M  bytes  of 
Level  2  cache  —  the  fastest  CPU  subsystem  we’ve 
tested. The  unit  complemented  the  CPU  with  1G  byte 
of  memory,  two  dual-port  10/100  PCI  Ethernet  cards 
and  six  4.3G-byte  Ultra2  drives,  which  are  controlled 
by  a  Compaq  SmartArray  3200  and  a  two-channel 
Ultra2  RAID  controller  with  64M  bytes  of  battery- 
backed  cache. The  four-way  interleaved  error  check¬ 
ing  and  correcting  memory  must  be  added  four  dual 
in-line  memory  modules  (DIMM)  at  a  time.  With  its  16 
DIMM  slots  populated  with  256M-byte  DIMMs,  the 
6500  supports  a  maximum  of  4G  bytes  of  memory. 


Review 

XEON  PACKS 
SERVER  PUNCH 


New  ProLiant  6500  shows  great  performance  and  features. 


Feature  and  configuration  table 

Server 

ProLiant  6500 

Vendor 

Compaq;  (800)  888-0220;  www.compaq.com/  1 
prod  u  cts/se  rve  rs/p  rol  i  a  nt  6500-xe  on/ 
index2.html 

Price 

$24,525 

Processor  type 

450-MHz  Pentium  II  Xeon 

1  No.  of  processors 

Four 

No.  of  processors  supported 

Four 

Memory  configuration 

1  G-byte;  1664M-byte  DIMM;  four-way 
interleaved 

No.  and  type  of  RAM  slots 

16  DIMM  slots 

Expansion  slots  present 

Five  64-bit  PCI;  one  32-bit  PCI/ISA 

Expansion  slots  available 

Four  64-bit  PCI 

Disk  controller 

SmartArray  3200  two-channel  Ultra2  SCSI 

RAID  controller 

Hard  drive  description 

Six  4.3G-byte  Seagate  Cheetah  drives, 

UltraWide  SCSI,  10,000  rpm 

No.  and  description 
of  hard  drive  bays 

Seven  one-inch  orfive  1.6-inch  hot-swap 
three  removable  media  bays 

Network  interface 

Two  NC3131  dual-port  i 6/1 00 

CD-ROM 

32XSCSI 

Availability  features 

PCI  hot  plug;  redundant  processor  power 
module;  retention  screw  to  improve  slot-2 
connector;  dual  redundant  756-watt  load¬ 
balancing  power  supplies;  redundant  hot 
plug  fans  for  I/O  and  processors;  redundant 

NIC;  ECC  memory 

Manageability  features 

Compaq  Insight  Manager;  Integrated  Remote 
Console;  Integrated  Management  Display 

Security  features 

Power-on  password;  convertible  to  tower  with 
a  bezel  lock;  keyboard  password;  lockable 
power  supplies 

Bundled  software 

SmartStart;  Compaq  Insight  Manager 

Warranty 

Three-year  on-site,  prefailure  warranty  on 

RAM,  hard  drives  and  processors 

The  6500  blazed  through  perfor¬ 
mance  tests.  It  had  the  best  CPU  per¬ 
formance  of  any  server  we’ve  ever 
tested,  as  measured  by  Blue  Curve’s 
Dynameasure  SQL  Professional  2.0. 

Despite  its  top  showing  in  our 
database  test,  the  server’s  file  subsys¬ 
tem  performance  was  far  from  the 
best  we’ve  tested.  It  scored  a  little 
lower  than  the  ProLiant  6000, 
which  we  reviewed  last  year  (www. 
nwfusion.com,  DocFinder:  2323). 

In  a  test  to  measure  network  adapter  performance, 
we  stressed  the  network  interface  card  (NIC)  using 
Ganymede  Software’s  Chariot  2.2  net  performance  test¬ 
ing  software.We  set  up  four  bidirectional  streams  of 
traffic  that  terminated  in  the  server, 
balanced  over  two  Fast  Ethernet 
NICs.  Each  stream  terminated  at  a 
separate  client  with  a  Fast  Ethernet 
NIC.  Half  the  streams  simulated  HTTP 
GIF  requests  and  half  simulated  HTTP 
text  requests. 

We  ran  heavy  TCP  traffic  across  the 
network  to  generate  a  high  number 
ofTCP  session  setups  and  tear-downs, 
which  stressed  the  processors  until 
they  reached  nearly  100%  utilization. 
The  result  was  a  test  of  the  vendor’s 
NIC  hardware,  NIC  driver  and  CPU 
subsystem.The  Chariot  test  resulted 
in  a  single  number  for  network 
throughput.The  ProLiant’s  showing 
of  102.5M  bit/sec  was  about  7%  high¬ 
er  than  the  comparably  equipped 
server  we  used  to  develop  the  test. 

The  6500  has  a  lot  of  options  for 
card  cages,  hard  disk  connections 
and  case  configuration.This  server 
has  four  open  64-bit  PCI  slots,  offer¬ 
ing  plenty  of  bandwidth  for  I/O 
cards,  though  it  does  not  have  the 
onboard  hot-plug  drive  feature  of  its 
cousins,  the  ProLiant  6 000  and  7000. 

The  6500  comes  with  Compaq 
Insight  Manager,  which  monitors  the 
hardware  components  and  reports 
monitored  values  to  many  manage¬ 
ment  platforms.The  server  also  has  an 
Integrated  Management  Display  that 
shows  common  system  information 
right  on  the  server’s  front  panel. 

The  6500’s  Integrated  Remote 
Console,  together  with  a  modem, 
gives  you  text-based  remote  access  to 
the  server  for  monitoring  and  reboot¬ 


ScoreCard 

Compaq  ProLiant  6500  jj 

Performance  (40%) 

9 

Features  and 
flexibility  (30%) 

9 

Manageability  (20%) 

9 

Serviceability  (10%) 

8 

Overall 

8.9 

ing  it.  Compaq  also  offers  the 
optional  Remote  Insight  Board, 
which  has  a  modem,  and  allows  for 
server  monitoring,  remote  rebooting 
and  console  redirection.The  board 
has  a  battery  pack  and  A/C  power 
inputs  to  remotely  manage  the  serv¬ 
er  even  when  it  is  without  power. 

The  serviceability  of  the  6500  is 
very  good,  but  you  need  tools  to 
remove  the  top  cover  to  access  all 
the  system’s  components.  Compaq 
says  that  because  it  removed  the  interlocks  that  shut 
down  the  server  when  the  cover  is  opened,  the  firm 
designed  a  tooled  entry  for  safety  reasons.  Removal  of 
the  interlocks  is  welcome  news  for  users  who  like  to 
run  a  server  without  the  top  cover.Two  doors  on  top  of 
the  server  let  you  access  the  system  fans  and  I/O  cards. 

The  ProLiant  6500  packs  a  lot  of  power  and  fea¬ 
tures  in  a  small,  easily  serviced  package. 
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ALLIANCE 


Server  testing  is  per¬ 
formed  at  North  Carolina 
State  University’s  Cen¬ 
tennial  Networking  Labs 
(CNL)  in  Raleigh,  NC.  CNL 
tests  network  equipment 
and  network-attached  devices  for  interoperabili¬ 
ty  and  performance.  Bass,  a  senior  technical  staff 
member  at  CNL,  designs  and  leads  the  execution 
of  the  test  suites.  He  can  be  reached  at 
john_bass@ncsu.  edu. 

Bass  is  also  a  member  of  the  Network  World 
Test  Alliance,  a  cooperative  of  the  premier  review¬ 
ers  in  the  network  industry,  each  bringing  to 
bear  years  of  practical  experience  on  every 
review.  For  more  Test  Alliance  information,  in¬ 
cluding  what  it  takes  to  become  a  member,  go  to 
www.  nufusion.  com/alliance. 
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Cool  Tools 

Quick  takes 
on  high-tech  toys 


Lee  Schlesinger, 
Test  Center  director 


I’ve  met  my 

META  MATCH 


Though  I’m  a  long-time  fan  of 
metasearch  tools,  I  haven't  found 
one  worth  paying  for  since  Quarter¬ 
deck’s  WebCompass  disappeared  — 
until  now. 

X-Portal  from  Kaufman  Consulting 
Service,  Ltd.  (KCSL)  is  a  metasearch 
workhorse  that  does  more  than  most 
metasearch  applications,  which  scour 
multiple  search  engines  to  uncover  as 
many  matches  as  possible  for  your 
search  string.  (There  are  more  than  a 
dozen  such  metasearch  tools  online. 
We’ve  put  a  list  of  links  on  www. 
nwhision.com,  Doc  Finder:  2324.) 

Most  free  metasearch  tools  make  it 
difficult  or  impossible  for  you  to  add 
your  own  search  sites  to  their  lists  of 
engines.  X-Portal  allows  you  to  control 
your  list  of  active  search  engines.  For 
example,  you  could  add  your  own  cor¬ 
porate  site  and  search  it  at  the  same 
time  you  search  the  Internet. 

Adding  a  search  engine  is  easy.  A  wiz¬ 
ard  asks  for  the  site  name  and  URL,  then 
brings  up  the  site  and  asks  you  to  run  a 
query7.  After  that,  it’s  placed  on  your  list 
of  active  engines. 

X-Portal  is  closely  tied  to  Microsoft’s 
Internet  Explorer  browser.  It  adds  a  but¬ 
ton  to  Internet  Explorer's  standard  tool 
bar.  When  you  click  on  it,  an  X-Portal 
pane  appears  in  the  browser  the  same 
way  a  search  or  history  pane  does. 

The  X-Portal  pane  has  two  tabs.  The 
Search  tab  lets  you  look  for  words  or 


Net  Results 


Coolness  Meter 


Awesome 

Primo 

Cool 

Wannabe 


X-Portal 

CenturionSoft 
(202)  293-5151 
www.  centurionsoft.  com/ 
productivity/xportal.htm,  or 
www.  kcsl.  ca/X-Portal/i  ndex.  html 
$60 


Bottom  line:  Customizable 
metasearches  and  comprehensive 
reference  resources  integrate  with 
Internet  Explorer  for  good  value. 


phrases,  which  are  returned  ranked  by 
relevance,  and  highlights  the  search 
terms  in  the  results.  The  References  tab 
connects  you  to  a  compendium  of  dic¬ 
tionaries  and  almanacs,  the  Columbia 
Encyclopedia  and  even  a  political  atlas 
that  lets  you  zoom  in  and  out.  There  are 
300,000  references,  all  stored  on  your 
hard  drive,  all  of  which  are  searchable. 


The  program  isn’t  perfect.  It  doesn’t 
let  you  group  your  search  engines  by 
category,  which  would  let  you  have  one 
set  for  technical  support,  one  set  for 
shopping  and  so  on.  It  also  won’t  let  you 
export  a  list  of  the  links  you  found, 
which  would  help  you  share  them  with 
others.  Its  documentation  is  nonexis¬ 
tent,  though  its  online  help  is  useful.  It 


takes  up  150M  bytes  of  disk  space.  And 
currently,  it  only  works  with  Internet 
Explorer  4.01  or  above. 

Maybe  many  of  X-Portal’s  shortcom¬ 
ings  will  be  rectified  in  upcoming 
releases.  Until  then,  this  application  still 
might  be  a  good-enough  reason  for 
Communicator  users  to  switch  to 
Internet  Explorer  5.  E 


BUSINESS  COMPUTING 


EVENT  IN  AMERICA 


[  But  don’t  let  that  convince  you.  ] 


Whether  you’re  buying  the  latest  in  technology 
solutions,  seeking  knowledge  in  practical  applications, 
or  looking  to  build  strategic  partnerships,  PC  EXPO 
is  the  place  to  be. 

This  is  the  “don’t  miss”  event  for  the  serious  IT 
professional;  in  fact,  2/3  of  last  year’s  attendees  didn’t 
go  to  any  other  technology  event.  Don’t  waste  your 
time  at  consumer  shows;  for  real-world  solutions  to 
your  business  technology  issues,  come  to  PC  EXPO. 

Time  is  money.  That’s  why  we  bring  you 
thousands  of  business  solutions 
under  one  roof. 

At  PC  EXPO,  we’ve  got  over  500  of  the  industry’s 
leading  technology  vendors  eager  to  introduce 
their  solutions  for  your  IT  needs.  It’s  not  surprising 
that  more  new  product  announcements  are  made 
at  PC  EXPO  than  any  other  business  technology 
event  in  America. 


Come  face-to-face  with  thousands  of 
information  technology  professionals. 

Meet  with  the  industry’s  major  players  like  IBM, 
Compaq,  3Com,  Novell  and  Microsoft,  as  well  as 
innovative  start-ups.  P CEXPO  is  dedicated  to  providing 
a  professional  forum  for  you  to  make  IT  purchases, 
form  strategic  relationships,  and  network  with  your 
peers.  Plus,  you  can  get  an  insider’s  view  on  information 
technology  trends  with  our  Keynote  Speaker  Series  and 
over  50  seminars  and  tutorials. 

Register  now  for  PC  EXPO  New  York, 
and  save  nearly  30%. 

We  understand  the  demands  of  corporate  budgets  and 
timelines.  So,  for  a  limited  time,  register  for  only  $75, 
a  savings  of  nearly  30%  on  the  3-day  exhibit  fee  of 
$105.  Just  register  on-line  at  www. pcexpo.com  or  call 
for  a  registration  form  before  April  30,  1999.  If  this 
doesn’t  convince  you,  we  don’t  know  what  will. 


If  you’re  not  here,  where  are  you?™ 


PC EXPO  NEW  YORK 

June  22-24,  1999  Jacob  K.  Javits  Convention  Center,  New  York,  NY 

Register  today  and  save!  Here's  how: 

Register  on-line  for  PC  EXPO  at  www.pcexpo.com  or  call  for  a  registration  form: 
United  States:  1-800-829-3976  (extension  2982);  International:  212-615-2982. 

PC  EXPO  ®  is  produced  and  managed  by  Miller  Freeman,  Inc.  (www.mFi.com),  a  wholly  owned  subsidiary  of  United  News  and  Media  pic. 

PC  EXPO  ®  is  a  registered  service  mark  of  Miller  Freeman,  Inc.  ©  1999  Miller  Freeman  Group  USA.  All  rights  reserved.  Source  Code:  MQJ9 
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BY  GAIL  JAMES 
V  N  D  M  I  R  Y  A  N  A  B  U  N  I  C 

oken-ring  advocates  would  like  to  see  High- 
Speed  Token  Ring  (HSTR)  breathe  new  life 
into  token  ring  in  the  same  way  that  Fast 
Ethernet  energized  Ethernet  demand.  One 
such  hopeful  is  Olicom,  whose  CrossFire 
8600  workgroup  switch  can  be  fitted  with 
a  two-port  HSTR  module  for  100M  bit/sec 
data  transmission. 

Olicom’s  new  hot-swappable  HSTR 
uplinks  are  the  CrossFire  8650  for  unshield¬ 
ed  twisted  pair  (UTP)  connections,  which 
we  tested,  and  the  CrossFire  8651  for  multimode 
fiber  connections,  which  we  did  not  test.  Both  com¬ 
ply  with  the  IEEE’s  new  802. 5r  standard  for  HSTR. 
Olicom  also  offers  a  155M  bit/sec  ATM  uplink. 


Throughput 


Frame  size 

Throughput  via 

100M  bit/sec  ports 

Throughput  via 
16M  bit/sec  ports 

4,000  bytes 

98.08M  bit/sec 

16.16M  bit/sec 

2,000  bytes 

81 .82M  bit/sec 

15.98M  bit/sec 

1,000  bytes 

69.1 8M  bit/sec 

15.77M  bit/sec 

100  bytes 

13.1  BM  bit/sec 

6.82M  bit/sec 

In  the  lab,  Olicom’s  CrossFire  8600  performed  well 
with  large  frames,  maintaining  near  wire  speeds 
through  its  100M  and  16M  bit/sec  ports.  However, 
throughput  on  the  HSTR  ports  tapered  off  significantly 
as  we  reduced  frame  sizes. 

With  Olicom’s  100M  bit/sec  ports,  performance 
dropped  from  98%  of  maximum  available  throughput 
to  82%,  then  69%  as  we  reduced  frame  sizes  from  4,000 
to  2,000  to  1,000  bytes,  respectively. With  very  small 
frames  of  100  bytes,  throughput  really  suffered,  plum¬ 
meting  to  a  mere  13%  of  maximum.  One  reason  for  the 
drop  is  small  frames  demand  more  encapsulation,  error 
checking  and  processing  attention.  Nonetheless,  we 
find  this  figure  surprisingly  low. And  while  it’s  true  that 
256-  to  1,024-byte  frame  sizes  are  routine,  these  small¬ 
est  frames  should  not  be  discounted.  It’s  not  unusual  to 
see  100-byte  frames,  particularly  if  you’re  working  with 
online  transaction  processing  applications. 

Performance  was  more  consistent  for  16M  bit/sec 
traffic:The  switch  and  adapters  maintained  at  least 
98%  of  maximum  available  throughput  for  frames  of 
4,000, 2,000  and  1,000  bytes,  dropping  below  98% 
only  when  we  ran  100-byte  frames.  At  this  smallest 
size,  throughput  reached  only  43%  of  maximum. 

Under  way 

You  can  manage  the  CrossFire  8600  via  a  com¬ 
mand  line  interface,  remote  telnet  or  an  easy-to-use 
graphical  user  interface,  but  the  switch  lacks  a  Web 
browser  interface  for  remote  management.  It’s  SNMP- 
and  Remote  Monitoring  (RMON)-compliant  and  can 
be  integrated  with  HP  OpenView  for  Windows  for 


ScoreCard 

CrossFire  8600  switch  and  8650  uplink 


Performance  (30%) 

7  x. 30  =  2.10 

Features  (25%) 

8  x. 25  =  2.00 

Management  (15%) 

9  x. 15  =  1.35 

Configuration  (10%) 

6  x. 10  =  0.60 

Installation  (10%) 

8  x. 10  =  0.80 

Documentation  (10%) 

7  x. 10  =  0.70 

Total  score 

7.55 

Individual  category  scores  are  based  on  a  scale  of  1  to  10. 
Percentages  are  the  weight  given  each  category  in  determining  the 
total  score. 


Review 

EXTREME 
TOKEN  RING 


Olicom's  CrossFire  8600  switch  can  hit  the  high  numbers, 
but  only  if  frame  sixes  are  large. 


Net  Results 

CrossFire  8600  switch  and  8650  uplink 

Olicom 

(972)  907-4600 
www.olicom.com 

$7,500  for  the  20-port  CrossFire  8600  switch  with  two  slots 
for  Universal  Expansion  Modules;  $1 ,1 00  for  the  two-port 
CrossFire  8650  uplink 

Pros 

A  Maintained  near  wire  speeds  with  large  frames 
A  Easy  setup 

Cons 

▼  Inefficient  when  switching  small  frames 

▼  Lacks  a  Web  browser  interface  for  remote  management 


centralized  device  management. 

You  can  configure  one  l6M-bit/sec  port  on  the 
CrossFire  to  actively  or  passively  monitor  the  other 
token-ring  ports  from  the  data  center  or  a  remote 
location  —  a  feature  Olicom  calls  Switched  Port 
Analyzer.  Active  monitoring  mode  is  designed  for  pro¬ 
tocol  analyzers,  and  the  passive  port  monitoring 
mode  is  for  RMON  probes.  However,  it  is  a  minor 
inconvenience  that  the  two-port  HSTR  uplink  doesn’t 
support  this  feature. 

The  CrossFire  switch  supports  three  forwarding 
modes:  low  latency  cut-through,  store-and-forward, 
and  adaptive  cut-through.  You  can  use  low  latency 
cut-through  only  for  transmissions  between  ports 
that  operate  at  16M  bit/sec. While  it’s  faster  than  the 
store-and-forward  approach,  low  latency  cut-through 
is  not  aware  of  packet  errors  and  losses.  For  this  rea¬ 
son,  most  switched  networks  operate  in  the  slower 
store-and-forward  mode  because  it  provides  error 
and  flow  control  for  transmitted  packets. 

Adaptive  cut-through  is  designed  to  deliver  the  best 
of  both  worlds  by  switching  between  store-and-for¬ 
ward  and  cut-through  modes  based  on  an  error  thresh¬ 
old.  If  the  number  of  faulty  packets  received  is  low, 
then  the  switch  uses  cut-through  mode;  if  the  number 
of  faulty  packets  is  higher  than  a  pre-set  threshold,  the 
switch  reverts  to  the  store-and-forward  method. 

For  security,  advanced  frame  filtering  lets  you 
block  selected  protocols,  restrict  access  to  ports 
based  on  the  frame  source  and  destination  media 
access  control  (MAC)  address,  and  reduce  broadcast 
traffic  for  improved  network  performance. 

The  CrossFire  switch  supports  a  full  range  of 


advanced  token-ring  bridging  and  routing  modes. 

The  modes  include  transparent  bridging,  source 
route  switching,  source  route  bridging  and  source 
route  transparent  bridging,  as  well  as  Spanning  Tree 
Protocols  IEEE  802.  Id  and  IBM  Spanning  Tree. 

In  addition  to  supporting  physical  LAN  segments, 
the  CrossFire  8600  supports  the  physical  grouping  of 
ports  to  form  as  many  as  63  separate  virtual  LANs. 
Membership  in  VLANs  is  based  on  MAC  address; 
IP/IPX  address-based  VLANs  are  not  available.  You  can 
also  span  your  VLAN  across  multiple  switches. 

Installing  CrossFire  8600  is  simple  and  doesn’t 
require  a  special  crossover  cable.  CrossFire  supports 
IBM  Categories  1  and  2  shielded  twisted  pair  cables, 
as  well  as  standard  UTP  Categories  3, 4,  and  5  cables. 

Once  you  physically  connect  the  switch  to  PC  and 
server  nodes,  configuration  is  easy  thanks  to  Cross- 
Fire’s  automatic  detection  capabilities.  Unless  you  dis¬ 
able  the  feature,  CrossFire  will  automatically  survey 
your  network  and  configure  each  port  to  match  the 
device  connected  to  that  port.The  switch  supports 
five  port  types:  HDX  concentrator,  FDX  concentrator, 
HDX  station,  FDX  station  and  Ring  In/Ring  Out. 

Olicom  lets  you  stack  up  to  eight  switches  with  its 
Stack  Link  module,  enabling  a  total  of  16  HSTR  ports 
per  system.This  gives  the  CrossFire  excellent  scalabil¬ 
ity  for  a  workgroup  switch.  It  also  opens  up  new 
options  to  token-ring  network  designers  who  until 
now  were  forced  to  turn  to  other  topologies  —  such 
as  FDDI.ATM,  100Base-T  or  lOOOBase-T  —  if  they 
wanted  a  high-speed  backbone.  Now  designers  can 
add  HSTR  to  their  list  of  choices  without  adding  the 
burden  of  managing  multiple  topologies.  If  Olicom 
works  out  its  small-frame  performance  problems, 
CrossFire  may  turn  out  to  be  a  viable  way  for  token¬ 
ring  managers  to  extend  the  lives  of  their  networks. 

James  is  the  vice  president  of  lab  services  and 
Bunic  is  a  network  test  engineer  at  LANQuest  Labs, 
an  independent  test  lab  specializing  in  network 
quality  assurance,  certification  and  performance 
testing  services.  They  can  be  reached  at  gjames© 
lanquest.com  and  miryana@lanquest.com. 
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anagement 


Career  Development ,  Project 
Management ,  Business  Justification 


Strateoies 


Before  you  resort  to  lacing  the  office  coffee 
with  IMoDox,  try  one  of  several  other  ways 
of  keeping  your  staff  awake  anti  alert. 


BY  MEL  MANDELL 

The  early  morning  nuclear  disasters  at 
Chernobyl  and  Three  Mile  Island  prove 
that  sleep  deprivation  is  a  serious  prob¬ 
lem,  but  it’s  not  one  that  network  execu¬ 
tives  care  to  openly  discuss. 

“We’re  all  sleep  deprived,”  admits  one 
network  manager  who  doesn’t  want  to  be  named.  Is 
exhaustion  the  great  veiled  headache  in  round-the- 
clock  network  operations?  Large  organizations  con¬ 
tacted  for  this  article  deny  the  problem,  claim  night- 
shift  employees  prefer  those  hours,  or  don’t  want  to 
talk  about  the  issue. 

Yet  compared  with  their  better-rested  counter¬ 
parts,  tired  workers  are  more  irritable  and  prone  to 
stomachaches,  more  likely  not  to  report  to  work  —  or 
to  quit  without  warning  —  and  more  accident  prone, 
according  to  medical  researchers.  Sleep-deprived 
workers  are  also  more  likely  to  make  mistakes  that 
could  bring  down  your  network. 

The  three  types  of  network  professionals  who  are 
likely  to  suffer  job-related  sleep  deprivation  are  night- 
shift  network  operators,  technicians  who  put  in  lots 
of  overtime  to  cope  with  emergencies,  and  jet-lagged 
net  executives  who  travel  through  several  time  zones. 

Help  is  on  the  way  from  a  growing  number  of  pro¬ 
fessionals  who  are  devising  viable,  cost-effective  ways 
to  cope  with  sleep  loss.  One  of  the  leaders  in  the  field 
is  Dr.  Martin  Moore-Ede,  founder  and  CEO  of  Circa¬ 
dian  Technologies,  a  Cambridge,  Mass.-based  consul- 
tancy.Among  his  recommendations: 

•  Choose  workers  for  the  graveyard  shift  based  on 
adaptability  to  odd  working  hours.  Younger  workers 
generally  adapt  better  to  night  shifts.  A  transformation 
occurs  around  the  mid-40s,  when  people  begin  work¬ 
ing  better  during  the  day. There’s  a  natural  spread  of 
preference  in  working  hours.  Most  people  fit  in  the 
middle,  while  about  20%  work  best  at  night;  another 

More  Online 

*  Tips  for  combating  sleep  deprivation. 

*  Details  about  a  typical  night  on  the  night  shift. 

*  Advice  for  preventing  jet  lag. 

www.nwfusion.c 


20%  are  best  in  the  morning. 

•  If  your  company  rotates 
shifts,  counterclockwise  rota¬ 
tion  is  preferable;  move 
workers  from  night  to  morn¬ 
ing  shifts,  not  the  reverse. 

•  Encourage  night-shift 
workers  to  adhere  to  the 
same  sleep  schedule  when 
not  working.  For  example, 
night-shift  employees  should 
try  to  avoid  activities  early 
the  next  day. 

•  Consider  replacing  the 
common  five-day,  eight-hour 
shifts  with  four-day,  10-hour 
shifts,  or  even  three-day,  12- 
hour  shifts.This  gives  work¬ 
ers  more  opportunities  to 
catch  up  on  sleep. 

•  If  a  network  emergency 
requires  employees  to  work  lots  of  overtime,  provide 
them  with  transportation  home  or  encourage  them  to 
take  public  transit.The  chances  of  auto  accidents  are 
greatly  multiplied  if  overtired  employees  drive  them¬ 
selves  home. 

•  Maintain  temperatures  on  the  cool  side  in  net¬ 
work  operations  centers.  Having  a  lot  of  light  is  also 
helpful,  though  this  is  difficult  when  workers  need  to 
focus  on  critical  data  displays. 

•  To  re-energize  flagging  workers,  urge  them  to 
exercise  in  place.  Even  better,  install  treadmills  they 
can  use  to  trot  in  place  during  five-  to  10-minute 
breaks.  Employees  should  also  know  that  too  much 
coffee  may  prevent  them  from  enjoying  restorative 
sleep  when  they  get  home. 

•  Suggest  that  late-shift  employees  and  those  who 
work  overtime  avoid  heavy,  hard-to-digest  foods,  such 
as  red  meat,  during  meal  breaks. 

Catnaps  help  too 

Another  thing  you  can  do  to  lessen  lethargy  is  pro¬ 
vide  a  nap  room. These  are  conveniently  located, 
lowly  lit  rooms  equipped  with  reclining  chairs  or  easy 
chairs  —  no  beds  —  in  which  tired  employees  can 
grab  1 5-  to  20-minute  naps  during  their  breaks.  Short 
naps  are  better  than  longer  ones  because  employees 
are  less  likely  to  awaken  feeling  sluggish. 


A  properly  equipped  nap  room  with  six  chairs,  sep¬ 
arating  curtains  and  special  phones  that  vibrate  rather 
than  ring,  costs  between  $5,000  and  $10,000. 

While  nap  rooms  may  sound  a  bit  out  there,  there 
is  a  precedent  for  napping  at  Burlington  Northern 
Santa  Fe  Railway.  When  trains  are  stopped,  crewmen 
can  nap  as  long  as  one  remains  awake,  and  mainte¬ 
nance  workers  can  nap  in  their  vehicles  during 
breaks,  says  A1  Lindsay,  general  manager  of  safety'  and 
rules  in  Fort  Worth,  Texas. 

About  28,000  of  the  company’s  employees  are 
now  permitted  to  take  short  naps  if  the  opportunity 
arises.  Eventually,  the  napping  policy  will  extend  to  all 
44,500  of  the  railroad’s  workers.  “This  was  a  huge 
change  to  our  culhire,  so  we’re  taking  it  a  little  bit  at  a 
time,”  Lindsay  says. 

The  railroad  also  tries  to  educate  its  employees 
about  sleep  deprivation.  For  example,  seriously  sleep- 
deprived  employees  are  urged  to  request  referrals  to 
local  sleep-disorder  centers  from  their  physicians. 

After  all,  Lindsay  says,  there’s  a  big  difference 
between  grabbing  a  catnap  and  catciting  up  for  lost 
sleep  on  company  time. “We  want  people  as  much  as 
they  can  to  come  to  work  fully  rested,”  he  says. 

Mandell  is  a  freelance  writer  in  Neiv  York.  He  can 
be  reached  at  melmandell@aol.com. 
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VACANCY 

Position: 

Information  Systems 
Technology  Faculty 

For  more  details,  see  the 
New  River  Community  College 
web  site  at 

http://www.nr.tc.vo.us/ist 

P.O.  Bo*  1127 
Dublin,  VA  24084 


Network  World  Career  Fairs 


Networld+lnterop  ‘99 
Two  great  locations! 


Las  Vegas  Atlanta 

May  11-13  September  14-16 

For  more  information 
email:  ccapp@nww.com  or  go  to  www.nwfusion.com 


Programmer  Analyst:  Perform 
system  analysis,  design,  devel¬ 
opment,  support,  testing  and 
implementation  of  business 
and  commercial  application 
software  using  Oracle  7.0, 
SQL-  Forms  3.0,  SQL  Report 
and  Probe  under  UNIX. 
Perform  fine  tuning  of  net¬ 
work  database  applications  to 
decrease  response  time  and 
minimize  memory  usage  by 
code  optimization  and  effi¬ 
cient  algorithms.  Prepare  tech¬ 
nical  documentation,  user 
manuals  and  instructional 
manuals  as  required  by  end- 
user.  Provide  on-site  mainte¬ 
nance  support  to  customer  on 
various  custom  software  pack¬ 
ages  including  de-bugging, 
modifications,  fine  tuning,  and 
code  optimization.  Multiple 
openings  available.  40 
hrs/wk.,  9:00  a. m. -5:00  p.m. 
$72,000/yr.  B.Sc.  in  comp,  sci¬ 
ence  or  engin.  or  equiv.  +  2 
yrs.  exp.  in  job  offered  or  as 
systems  analyst  or  software 
engineer.  M.S.  +  1  yr.  exp. 
accepted  in  lieu  of  B.Sc.  +  2 
yrs.  exp.  Apply  to:  Sharper 
Logics,  Inc.,  Ref.  NWA2,  615 
Beaver  Ruin  Rd.,  Ste.  A, 
Lilburn,  GA  30047. 


Programmer  Analyst:  Perform 
system  analysis,  design,  devel¬ 
opment,  support,  testing  and 
implementation  of  business 
and  commercial  application 
software  using  Powerbuilder 
5.0,  SQL  Server,  ERWIN  for 
data  modeling  under  Windows 
3.1  and  Windows  NT.  Perform 
fine  tuning  of  network  data¬ 
base  applications  to  decrease 
response  time  and  minimize 
memory  usage  by  code  opti¬ 
mization  and  efficient  algo¬ 
rithms.  Prepare  technical  docu¬ 
mentation,  user  manuals  and 
instructional  manuals  as 
required  by  end-user.  Provide 
on-site  maintenance  support  to 
customer  on  various  custom 
software  packages  including 
de-bugging,  modifications,  fine 
tuning,  and  code  optimization. 
Multiple  openings  available.  40 
hrs/wk.,  9:00  a.m.-5:00  p.m. 
$80,000/yr.  B.Sc.  in  comp,  sci¬ 
ence  or  engin.  or  equiv.  ♦  2  yrs. 
exp.  in  job  offered  or  as  sys¬ 
tems  analyst  or  software  engi¬ 
neer.  M.S.  +  1  yr.  exp.  accepted 
in  lieu  of  B.Sc.  +  2  yrs.  exp. 
Apply  to:  Sharper  Logics,  Inc., 
Ref.  NWA4,  615  Beaver  Ruin 
Rd.,  Ste.  A,  Lilburn,  GA 
30047. 


Systems  Consultant,  40  hrs/wk, 
8:00  am  -  5:00  pm,  $61,494/yr. 
Design  &c  develop  custom  appli¬ 
cations  using  Oracle  RDBMS  via 
Oracle  development  tools  such 
as  SQL*Forms,  SQL* 
Report  Writer,  Pro*C  &c  PL/SQL 
under  UNIX.  Make  enhance¬ 
ments  to  existing  systems  based 
on  end  user  requirements. 
Design  &  develop  Internet  user 
applications  capable  of  generat¬ 
ing  ad  hoc  reports  on  the  World 
Wide  Web  using  HTML  and 
CGI  (Common  Gateway 
Interface)  scripting.  Provide  pro¬ 
duction  support  8c  performance 
tuning  services.  Do  database 
design  8c  data  modeling.  Min. 
Reqs.:  M.S.  in  Computer  Science 
or  Engineering.  1  year  in  the  job 
offered  or  1  year  in  developing 
Oracle  applications  using 
SQL*Forms, 
SQL*ReportWriter,  Pro*C  8c 
PL/SQL  under  a  UNIX  environ¬ 
ment.  Multiple  openings  avail¬ 
able.  Apply  at  the  Texas 
Workforce  Commission,  Dallas, 
Texas,  or  send  resume  to  the 
Texas  Workforce  Commission, 
1117  Trinity,  Room  424T, 
Austin,  Texas  78701,  J.O. 
#TX0520160.  Ad  Paid  by  An 
Equal  Opportunity  Employer: 


Programmer  Analyst: 

Perform  system  analysis, 
design,  development,  support, 
testing  and  implementation  of 
business  and  commercial 
application  software  using 
Oracle  7.1,  Oracle  Developer 
2000  under  MS  Windows  3.1. 
Perform  fine  tuning  of  net¬ 
work  database  applications  to 
decrease  response  time  and 
minimize  memory  usage  by 
code  optimization  and  effi¬ 
cient  algorithms.  Prepare 
technical  documentation,  user 
manuals  and  instructional 
manuals  as  required  by  end- 
user.  Provide  on-site  mainte¬ 
nance  support  to  customer  on 
various  custom  software 
packages  including  de-bug- 
ging,  modifications,  fine  tun¬ 
ing,  and  code  optimization. 
Multiple  openings  available. 
40  hrs/wk.,  9:00  a. m. -5:00 
p.m.  $80,000/yr.  B.Sc.  in 
comp,  science  or  engin.  or 
equiv.  +  2  yrs.  exp.  in  job 
offered  or  as  systems  analyst 
or  software  engineer.  M.S.  +  1 
yr.  exp.  accepted  in  lieu  of 
B.Sc.  +  2  yrs.  exp.  Apply  to: 
Sharper  Logics,  Inc.,  Ref. 
NWA3,  615  Beaver  Ruin  Rd., 
Ste.  A,  Lilburn,  GA  30047. 


Network  World’s  Signature 
Series  issues, 

published  — NenrakWorid 

bimonthly,  ( 

provide 

insights,  opinions  and  informa¬ 
tion  on  the  most  important 
issues  shaping  the  networked 
world.  The  award-winning 
Signature  Series  issues  include: 


■The  Network  World 

■  The  Buzz  Issue 

200  Issue 

9/27/99 

4/26/99 

■  The  You  Issue 

■  The  Best  Issue 

Showcasing  the 

11/15/99 

Network  Leaders: 

7/26/99 

For  more  information  call: 
800-622-1108  Ext.  7510 
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NOW  WITH  100%JAVA  BASED  CROSS 
PLATFORM  BROWSER  MANAGEMENT 
SOLUTIONS  USING  E-MANAGER/NetPrism 


MANAGE  YOUR  UPS 


•  CONTROL  AC/DC  POWER 

•  GATHER  ANY  ALARM 

•  SERIAL  PORT  ACCESS 

•  MANAGE  ANY  HARDWARE 

•  EXCLUSIVE  VISIBLE  LIGHT 
LINK  AND  MUCH  MORE 


Ife.  _ 


1-800-247-1431  www.e-comms.com 

E-COMMANDER,  E-MANAGER  &  NetPrism  are  trademarks  of  E-COMMS  &  Fujitsu 
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SNMPc  Enterprise 
Manager 

Distributed  management 
for  Windows  NT.  Supports 
remote  consoles  and 
polling  agents,  Web  Trend 
Reporting  and  more. 


SNMPc  WorkGroup 
Manager 

Affordable  management 
for  small  networks. 

With  an  installed  base 
of  over  60,000  copies, 
this  popular  tool  is  resold 
by  major  OEMs,  including 
Cisco  and  ACC. 


Network 

Management 

for  Microsoft  Windows 


Castle  Rock 

Computing 

Phone:  408.366.6540 
Fax:  408.252.2379 


ient 


■■■■Hi 


1  Download  a  Free  Evaluation 

www.castlerock.com 
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Remote  Reboot  Over  Telnet! 


Reboot  your  Network  Equipment  via  Telnet,  Dial-Up  and  Local  Console 


Network  equipment  sometimes  "locks-up"  requiring  a 
service  call  just  to  flip  the  power  switch  to  perform  a 
simple  reboot.  The  NPS  Network  Power  Switch  gives 
network  administrertors  the  ability  to  perform  this 
function  from  anywhere  on  the  LAN/ WAN,  or  if  the 
network  is  down,  to  simply  dial-in  from  a  standard 
external  modem  for  out-of-band  power  control. 

✓  TCP/IP  Security 

✓  Individual  Plug  Passwords 

✓  Dual  15  Amp  Power  Inputs 

✓  Eight  (8)  Individual  Outlets 

✓  Modem  and  Console  Ports 

✓  Co-Location  Features 

✓  115-VAC  and  230-VAC  Models 

✓  Modem  and  Telnet  Auto  Reset 


Individually 
Programmable 
Outlet  Plugs  (8) 


lOBase-T  Ethernet 
Interface 


1 9”  Rack  Brackets 
Allow  Front,  Back,  or 
Center  Mounting 


Dual  15  Amp 
Power  Circuits 


11]^ 


Modem  Port  for 
Out-of-Band 
Management 


□  western" 

D  telematic  inc. 


Local  RS232 
Console  Port 


(800)  854-7226  *  www.wti.com 


9&mm 


5  Sterling  •  Irvine  •  California  92618-2517  •  (949)  586-9950  •  Fax:  (949)  583-9514 


For  Free  Product  Info  .  www.networkworld.com/infoxpress 
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For  Free  Product  Info  • 


MANAGE  1,000  SERVERS 

from  4  or  more  KVM  stations 


Rose  has  done  it  again!  The  UltraMatrix  is  a  keyboard-video-mouse  (KVM)  switch  that  has  all 
the  features,  is  the  simplest  to  use,  and  costs  the  least. 


STATION  I  STATION  2  STATION  3  [STATION  4  EXPANS.ON^ABLES^NNECT  ULTRAMATH'X 


Simultaneous  access  from  4  or  more  KVM  stations 
Supports  multiple  platforms:  PC,  Sun,  Unix,  others 
Full  keyboard  and  mouse  emulation  for  automatic 
booting 

Expands  easily  with  plug-in  cards 
Sleek  on-screen  display  simplifies  user  interface 
Innovative  cabling  system  makes  installation 
clean  and  easy 

Uses  less  rack  space  than  other  switches 
Security,  access  groups,  user  profiles,  status 
screen,  flash  memory,  and  more 


Rose  has  been  providing  innovative  solutions  since  1984.  We 
have  a  complete  line  of  KVM  switches  for  server  rooms, 
classrooms,  desktops,  and  other  uses.  Ask  us  about  our 
KVM  extenders  using  coax  or  twisted  pair.  We  also 
have  an  extensive  line  of  serial  and  parallel  data 
switches.  Call  us  today  to  discuss  your  application. 


GROW  WITH 
ROSE  PRODUCTS 


Aerospace/Military  Computer  Room 


Plant  Control 


Trading  Room 


Control  Consoles  Class  Room/Corporate 


USA  Office:  10707  Stancliff  Road  Houston,  Texas  77099  Phone  281-933-7673  Fax  281 -933-0044 
UK  Office:  Phone  +44  (O)  1264  850574  FAX  +44  (O)  1264  850529 


Call  800-333-9343  for  your  catalog 

#! 


ELECTRONICS 


WWW.ROSEI_.COM 
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INTRODUCING 

LAN/WAN 


Observer  identifies  network  trouble  spots,  and  costs 
thousands  less  than  expensive  hardware-based 
analyzers.  If  you  have  network  slowdowns  would  you 
know  if  they  are  being  caused  by  packet  errors, 
broadcast  storms  or  overloaded  utilization?  Find  out 
with  Observer  or  Distributed  Observer. 

•  Full  packet  capture  and  decode  for  over  300 
protocols,  including  TCP/IP  (v4  and  v6), 
NetBIOS/NetBUEl,  IPX/SPX,  Appletalk,  SNA, 

and  DECnet. 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  the  entire  switch  or 
packet  capture  from  any  port  or  ports  Finally  a 
protocol  analyzer  that  can  be  used  in 
switched  environments! 

•  Long-term  network  trending  collects  statistical 
baseline  data  for  days,  weeks,  months  or  years 
for  review  and  reporting. 

•  Distributed  version  available  for  $1290  (includes 
1  local  and  1  remote  Probe).  Additional  Probes 
are  $295  per  local  or  remote  segment  or  switch. 

•Network  Instruments'  optimized  ErrorTrack™ 
NDIS  drivers  display  true  errors-by-station. 

Includes  collision  expert. 

•  Track  router  utilization/traffic  in  real  time 
•  Ethernet  (10/100/1000).  Token  Ring.  FDD I 


j  EXPERT  FOR  WEB  EXTENSION 

OBSERVER  FOR  OBSERVER’ 

*aas  ®aaB 

SIMIV1R  EXTENSION  RIVIOIMCS)  EXTENSION 

FOR  OBSERVER"  FOR  OBSERVER 

$495  $495 

See  what  you  have  been  missing! .Call  800-526-7919  for  a  FREE  DEMO  or  download  from  our  web  site. 

www.notworkinstruments.com 

©  1999  Network  instruments.  .LTC  -  Corporate  Headquarters  (612)  932-9899  FAX  (612)  932-9545 
UK  and  Europe  +44  (0)  1322  303045  FAX  -44  (0)  1322  303056  mlo@networkinstrumonts.com  www.networkmstruments  com 
.  Observer  Network  Instruments  and  Jbe  'N‘  fog©  are  registered  trademarks  ot  Network  Instruments  LLC  Minneapolis  MN  USA 
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‘T-V. 


Servers 

Routers 

Kiosks 

Anything! 


% 


PowerPAL  From  Dataprobe 


From  Any  Telephone! 
Anytime!  Anywhere! 


10  Amp  AC  Power  Control 
Tone  Controlled,  On/Off  Reboot 
Utilizes  Existing  Dial  Line 
Security  Password  Protected 
Int’l,  DC,  Relay  Versions  Available 


11  Park  Place  Paramus,  NJ  07652  Web:  www.dataprobe.com 


Your  Reach 
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When  your  old  network  monitoring 

tools  don’t  fit  anymore. . . 


You've  moved  from  a  traditional  SNA  environment  to  TCP/IP.  And  you've 
outgrown  your  old  tools.  Bad  news.  Now  thot  you're  on  a  public  network, 
you'll  need  to  control  your  environment  more  than  ever. 

Are  there  TCP/IP  tools?  Of  course,  but  only  one  solution,  e-Control, 
offers  you  network  monitoring,  performance  management,  and  problem 
diagnosis.  That's  a  critical  advantage  for  maximum  control.  Say  a 
component  fails  or  you  have  a  security  violation.  With  other  solutions, 
you'll  only  know  that  a  problem  exists.  With  e-Control,  you'll  get  the 
"what,  where  and  how"  of  the  problem,  along  with  proactive  alerts  to 
help  you  avoid  career-threatening  technical  disasters.  You  can  also  decide 
which  events  to  highlight  and  who  to  notify  in  case  of  trouble,  for  faster, 
more  efficient  response. 

e-Control  is  the  perfect  fit  to  keep  your  0S/390  servers  and  business 
running  at  top  speed. 

For  a  free  demonstration  CD  or  to  order  a  product  evaluation: 
visit  us  at  www.interlink.com/offer, 
eMail  us  at  offer@interlink.com,  or 
call  us  at  800.366.5452 


...it’s  time  to  take 
e-Control  of  your  TCP/IP 
data  center. 


inTERLinK 

COMPUTER  SCIENCES’" 


©1999  Interlink  Computer  Sciences,  Inc.  All  rights  reserved.  The  Interlink  Computer  Sciences  logo  design  is  o  trademark  of  Interlink  Computer  Sciences,  Inc. 


#316  @  www.networkworld.com/infoxpress 


For  Free  Product  Info  • 


Watchdog  2000™ 


Are  Your  Unatten 
Don’t  Ju 

Sit  there  and 


Let  Watchdog  2000  monitor  your  systems  24  hours  a 
day  and  automatically  reboot  them  in  the 
event  of  a  lock-up!  Without  human 
intervention,  then...  receive  an 
e-mail  message  advising  you 
of  the  problem  at  the  site 


TeleSuiritch  Corp. 

PH:  516-244-7075 
FX:  516-244-5725 

www.teleboot.com 

sales@teleboot.com 


CALL  TODAY 

toll 

1 -877-652-7241 
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It  all  comes  down  to  questions.  Questions 
that  challenge  your  expertise  about  Microsoft 
products.  Question  yourself  -  are  you  ready? 
Be  absolutely  sure.  With  Spike  and  the  gang's 
certification  guarantee,  you  will  be.  Because 
once  you've  completed  the  program,  you'll  pass 
with  flying  colors  or  get  your  money  back.* 
And  don't  worry,  because  as  Microsoft 
Certification  changes,  Transcender  will 
have  you  covered. ..without  question. 


•  Most  Realistic  MCSE  and  MCSD 

Simulations  Available 

•  Detailed  Answers  and  Explanations 

•  NEW!  Computer  Adaptive  Testing  Features 

•  NEW!  Simulation  Questions 

•  Money  Back  If  You  Don't  Pass  Guarantee* 


•  From  $129  -  $179 

Transcender.  America’s  #1  Exam  Preparation  Software. 


Transcender® 

Corporation 


To  order,  call  Howard  @  (615)  726-8779  or  fax  (615)  726-8884;  242  Louise  Ave.;  Nashville,  TN  37203. 

f  *•'5  Mr  r  o  M  rl  OP  r  n  ...  ©  1999  Transcender  Corp.  All  Rights  Reserved.  Microsoft  is  a  registered  trademark  of 

W  W  W  ■  L  *  w.  nbCSnUCiiCU  iTI  Microsoft  Corporation.  Multi-user  licenses  are  available.  *Call  or  see  our  Web  site  for  details. 
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AT  HOME, 
HOW  YOU 
SURF  IS 
YOUR 
BUSINESS. 


i 

■ 

i 

i 

■ 
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AT  WORK 
IT  S  OURS. 


Immediately 

increase 

productivity. 


Monitor,  report  on,  or 
block  all  Internet  access. 


LittleBrother 


"Little  Brother  is  watching  you  use  the  Internet" 


546  Valley  Way  Milpitas,  CA  95035 
Ph:  1.800.200.9881  Fax:  408.263.9883  sales@kansmen.com 
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For  a  limited  time 


people  register  for 
program  -  the  secoi 


ands-on  training  for  ALL  6  modules,  Microsoft  approve 
testing  software  (with  hundreds  of  practice  questions) 
port  Training  and  demc  version  of  NT  4.0.  Offer  valid  f 
i  must  register  together.  Second  person  pays  for  books,  sol 
ily.  Call  or  visit  Microhard  website  for  complete  terms  &  cor 


tifications:  MCP,  MCSD 
ORACLE,  CNE,  CNA,  A+ 


Microsoft 


BEST.  FIND  WHY  COMPANIES  LIKE  AT&T,  AR 
OBOTICS  AND  THE  US  DEPT.  OF  DEFENSE  Cl 


IS  OAK  BROOK  ORLANDO  ST.  LOUIS  SCHAUMBURG  THORN! 

7-MICROHARD  WWW 
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our 


FORB'RONT 


DIRECT 
A  CBT  Group  Company 


Call  Now  to  Get  Your  First  Course  at  No 
Charge!  (Limited  Tune  Offer) 

Discover  the  fast  and  easy  way  to  boost  your  I.T:  knowledge  and  prepare  for 
l.T  certification.  Our  computer-based  training  courses  provide  a  learning 
environment  that  surpasses  traditional  classroom  and  video  courses.  See  for 
yourself  how  Forefront  Direct  can  give  you  the  skills  you  need  to  launch  or 
accelerate  your  I.T.  career.  Call  today  for  your  FREE  I.T.  training  course! 

Self-Study  Courses: 

•  MCSF.  *  MCSD 


Open  the  Door  to  Great  Career 

Opportunities 

Raise  Your  Income 

Gain  Valuable  Skills, 

Knowledge  and  Technical 

Recognition 

Study  at  Your  Own  Pace 

Interactive  Hands-on  Exercises 

Online  and  Telephone 

Mentoring  Available 

One-on-One  Training 

Consulting 


JlH^n'T'ur 


•  MCSE+ Internet 

•  MCP 
•CNF 

•  Novell  CIP 

•  CNA 

•  Oracle 

•  Lotus 
•Webmaster 

•  PC  Repair 

•  A+  Certification 


•Visual  Basic 
•Visual  C+  + 
•Java 

•  C++ 

•  Cisco 
•UNIX 

•  Networking 

•  Office  97 

•  Windows  98 

•  And  More! 


(800)475-5831  •  (727)724-8994  •  Fax:  (727)726-6922  •  www.techcourses.com 


NYVM 
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Try  it  today  at: 


Netscape:  InfoHpress  -  Network  Ulorld 


Info  press 


Free  Product  Information 


www.networkworld.com/infoxpress 


NetWOrkWorld  InfoXpress  is  reader  service  at  its 
best  An  online  sen/ice  designed  to  furnish  readers 
with  a  quick  and  easy  way  to  request  information, 
NetWOlkWorld  InfoXpress  offers  readers: 


r* 

m 


1.  First.  select  an  issue  | 

r~  — i 


Or.  aeareh  by  catepoty 

— 


2.  It  you  knew  the  items' 
reader  service  numbers, 
enter  them  here 

f - 


3/99— DK-00034A 


-►  Easier  access  to  more  relevant  information. 


-►  24-hour  service. 


-►  The  ability  to  search  for  information  by  reader 
service  number,  advertiser  name  or  product  category. 

-►  Flexibility  in  requesting  information  via  WstWOrkWoill 
mail,  email,  telephone,  fax  or  linking  to  lE3LEADER 
the  advertiser  Web  page. 


IN  NETWORK 


Print  ■  Online  -  Events 

AN  I  DC  COMPANY 


Network  Ready 
CD-ROM  Servers 

From  $1,749 

Excel  custom  designs 
powerful,  expandable 
CD-ROM  Solutions  for 
Netware,  Windows  NT  and 
Unix  Systems  ranging  from 
7  to  256  CD-ROM  Drives. 


CD-ROM  Systems 

888-286-6201 

www.excelcdrom.com 
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Lastar  Datacomm  Solutions 


Call  Us  Today.. .Get  Connected  TOMORROW! 


350MHz  Enhanced  CAT  5  Patch  Cords 


Description 

3’  Datatwist™  350MHz  CAT  5  Patch  Cable 
5'  Datatwist™  350MHz  CAT  5  Patch  Cable 
7’  Datatwist™  350MHz  CAT  5  Patch  Cable 
10‘  Datatwist™  350MHz  CAT  5  Patch  Cablei 
14'  Datatwist™  350MHz  CAT  5  Patch  Cable*: 

25'  Datatwist™  350MHz  CAT  5  Patch  Cable 
Your  Choice  of  Colors:  Grey,  Blue,  Green,  Red, 


i SRP 

$7.95 
$9.95 
$10.95 
$12.95 
$14.95 
$17.95 
Yellow,  and  Black! 


CAT  5  Patch  Cords 


Description 
V  CAT  5  Patch  Cable 
2’  CAT  5  Patch  Cable 
3’  CAT  5  Patch  Cable 
5’  CAT  5  Patch  Cable 
7'  CAT  5  Patch  Cable 
10'  CAT  5  Patch  Cable 
14’  CAT  5  Patch  Cable 
25'  CAT  5  Patch  Cable 
35'  CAT  5  Patch  Cable 
25'  CAT  5  Patch  Cable 


PCI  NICs 


Description  Ref.  # 

ATI  lOBase-T  AUI  Transceiver  04111 

ATI  100Base-TX  Mil  Transceiver  12983 

KTI  lOBase-T  AUI  Transceiver  12763 

KTI  1 0Base-2  BNC  AUI  Trans.  12762 

KTI  10Base-T/2  Converter  17374 

KTI  lOOBase-TX/FX  Converter  17378 


We  Also  Offer  A  Full  Line  Of  Products  From  Transition  Networks  - 
Please  Call  For  Latest  Part  Numbers  &  Pricing! 


Lastar  also  provides 
quality  services  such 
as  network  design 
and  installation.  Call 
us  today  or  visit  our 
website  for  more 
information! 


MSRP 

$3.35 

$3.59 

$3.95 

$4.45 

$4.95 

$5.95 

$6.95 

$8.95 

$8.95 

$10.75 


Hubs/Switches/Routers 


Lastar  Carries  A  Full  Line  Of  Switches  From  The  Industry’s  Leading 
Manufacturers  Including: 


3SSS! 


Cisei  Smuts 


caaeTRon 

SYS7ems 


Your  Choice  of  Colors:  Grey,  Blue,  Green,  Red,  Yellow,  Black,  &  White! 


Us 


Description 

3Com  10/100  Auto-Sensing 
3Com  EtherLink  XL  (10Mbps) 
Samsung  10/100 
KTI  10/100  DEC  Chipset 
KTI  10/100  RealTek  Chipset 
KTI  Combo  lOBase-T 
KTI  MM  ST  Fiber 


ISA  NICs  Are  Also  Available  -  Please  Call  For  Part  Numbers  &  Pricing! 


Transceivers/Converters 


Special  Offer  -  KTI  8-Port  10/100Base-TX  NWay  Workgroup 
Switch  With  Expansion  Slot  Is  Nov/  Only  $399.95!! 


Power  Protection 


& 


Lastar  Proudly  Features  Power  Protection  Products  From 


iUfPir.AH  POWER  MfcVfRS** 


Special  Offer  -  Get  The  New  USB/Windows™  96  Enhanced 
APC  Pro  350  For  Only  $179.95 


ifff 


MSRP 

$27.95 

$189.95 

$21.95 

$21.95 

$89.95 

$389.95 


Structured  Cabling  Products 


Quality  Structured  Cabling  Components  From  Quality  Manufacturers : 


HITACHI 

Hitachi  Cable  Manchester,  Inc. 


FLUKE 


M 


MICBOTfST* 


WIDTH' 


800-291-6031  •  www.lastar.net 


mstcu? 


1501  Webster  St. 
Dayton,  OH  45404 
Fax  937-223-6385 
8:30am  to  6pm  M-F 


VISA 


Most  Orders  Ship  Same  Day  Via  UPS 
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For  More  Information  About  Marketplace  1-800-622-1108 


s$na 


LANS  MUXES  CSU/DSU  Modems  Routers 


4  LAN  WAN.  COM 


Purveyors  of  Networking  Hardware 


NEW 

& 

USED 


Cim  Smut 


Switches, 
Modules, 
Routers, 
Hubs  &  Mo 


Bay  Networks 


f*oteon 

^=5ynOptics 

SMC*  OlkRobotics 


JY 

& 

SELL 


►  CHIPCOM 


LOWER  PRICES  THAN  THOSE  WARE!  OUSE  GUYS! 


-♦-Lowest  Prices  on  Factory 
Fresh  Equipment 
+  Up  to  90%  OFF  Retail 
for  Refurbished  Items 
F  Huge  Inventory  of  7^- 
Legacy  Products  — " ^inventory 
-F  Factory  Trained  r 

Consultants  on  Staff 

Fax  us  Your  Want  to  Sell  / 


-F  Authorized 
Service  Center 
-F  We  Also  Do  Repair^ 

Si  Exchanges 
F  Same  Day  Shipping 
^  on  Most  Items 
-F  Same  Day  Delivery 
Via  Counter  Service 

Buy  Lists  <§>  516-293-5325 


l  L£L\:  cur  L'l'c/c.  £fu=-  unit  Cu-Luic  if/iUyCpuio 

&  -4.UCUCU  VALVAL  -b 

A  Division  of  Ergonomic  Enterprises.  Inc. 

EBtyy  ll  liMmWmm  [ 

International  Calls:  001-1-516-293-5200  /  E-mail:  Sales@4LANWAN.COM 


WWW.4LANWAN.COM,  Inc. 

A  Division  of  Ergonomic  Enterprises,  Inc. 

■  MEMaaBH  lEDEunznniaa  ynno=j 


logos  are  registered  trademarks  of  the  companies  they  represent 
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FIBERMUX  •  CABLETRON  •  CISCO 
3COM  •  ASCEND  •  SHIVA 
AT&T  PARADYNE  •  US  ROBOTICS 
MICR0C0M  •  ADTRAN  &  ADC  KENTR0X 
BUY  USED  ♦  SELL  REFURBISHED 


CALL  BOB  GLICK 
818-366-1374  •  Fax:  818-366-5274 


of  anaacoM 

VISIT  US  ON  THE  WEB:  www.fibercom.net 
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USED 

NETWORK  HARDWARE 


"Over  15  Years  of  Exceptional  Service" 


ROUTERS 
SWITCHES  < 


•  HUBS  •  DSU/CSU 
TERMINAL  SERVERS 


BUY/SELL/LEASE 


ASCEND -LIVINGSTON 
ADTRAN  -  KENTROX 

Overnight  Delivery:  fully  Guaranteed 

800-230-6631 

HZ  805-964-1314  Far  805-964-5649  <_ 

www.networkhardware.cor 

Network  Hardware  Resale,  Inc. 
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m, 


CISCO 

Ascend 


-  Lucent/Livingston 
3C0M/USRobotics 


www.  digitalwarehouse.  com 

DHHTAL  WAMHOUS1 

Your  information  Superhighway  Discount  Source » 


►  Nortel/Bay  Networks 

►  Larscom 

►  Paradyne 

►  Motorola 


►  ADC  Kentrox  -  Xyplex 

Cabletron  ►  Newbridge  ►  Adtran 

►  Digital  Link  ►  Fore 

-  Network  Assoc.  ►  IBM 


tfost  Communications  Inc.,  56-29  56th  Drive,  Maspeth,  NY  1 1378  USA 
’  1-888-892-4726  or  718-894-7500  Fax:718-894- 1573 
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Less  is... 


Designed  for 


Microsoft* 

WindowsNT* 


NetWare. 


Contact  us  at  CYBEX  (800)  932-9239, 
fax  (256)  430-4030  or 

www.cybex.com 


Computer  Products  corporation 


Cybex,  the  Cybex  logo,AutoView  and  Commander  are 
registered  trademarks  of  Cybex  Computer  Products  Corporation. 


Manage  all  of  your  servers  with  just  one  keyboard,  monitor  MORE  Room 
and  mouse!  The  AutoView  Commander  eliminates  the  MORE  Control 
need  for  peripherals  at  every  computer.  Fewer  peripherals  MORE  Cost-effective 
means  less  clutter  and  less  wasted  money.  What  more  could  you  want? 


VISA 


' — s  Save  up  to  80%  on  new/used: 

NETFAST  -  Routers  ►  Switches  >-  XDSL  »  T1  CSU/DSUs  IfflBH « 
►  ATM  ►  Fast  Ethernet  *-  ISDN  >-  Frame  Relay  guy  USED 


For  Free  Product  Info  •  www.networkworld.com/infoxpres 


Also  Available:  Wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

in  Stock  •  Fast  Delivery  •  No  Expedite  Ctiarges 


COMSTAR,  INC. 

The  m  Network  Remarketer 

612*835*5502 

Fax  6H«855»1927  E-Mail:sales@comstarinc.com 
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REFURBISHED  NETWORKING  EQUIPMENT 


The  First  Name  in  Second  Source 
Networking  Equipment 

BUY,  SELL, 
LEASE/RENT,  TRADE 

Routers,  Hubs,  Switches,  Comm.  Servers 


BAY  NETWORKS,  3COM, 
ASCEND,  LIVINGSTON,  XYPLEX 


'All  trademarks  are  the  property  of  their  respective  owners 

Technical  Support  •  Product  Warranty  •  Aggressive  Pricing 


1-800-832-6539 

FAX:  61 2 
VOICE:  61 
Email:  sales@ir 
http://www.in 

-944-3534 

2-944-3440 

iterlinkcom.com 

terlinkcom.com 

COMMUNICATIONS 

rllNNTAPOLlS,  MN  55344 

Inte 

7131  Shady  Oak  Rd,  F 

|  #283  @  www.networkworld.com/infoxpress  | 

SOFTWARE  AT  WHOLESALE  $$$$$ 


NOVELL  NW-5.0  Upgrades 

Server  +  5  Connections  $495 
to  4  Or  to  4  Conn:  Lie  $395 
10  Connect;  addiliw  Lie  $595 
25  Connect:  Additive  Lie  $995 
50  Connect  Addilive  lie  $1495 
100  Conned  Additive  Lie  $2495 

WE  ALSO  CARRY  FILL 
VERSIONS  OF  NETWARE 
V5.0  GR0UPW1SE  AND 
MANAGEWISE  -  CALL  FOR 
PRICING 


MICROSOFT 

Office  Pro  '97  $185 

NT  Server  5  Clienis  $485 

ML  Server  10  Clients  $585 

NT  Server  20  License  $285 

NT  Workstation  $140 

NT  Workstation  Lie  $95 
B/OfficeSnrBiz-lOuser  $’95 
B/Office  Sm:Biz-25  user$U95 
B/Office  Server  Unlld:  $1785 
B/Office  Lie.  20  Pak  $1085 


SAFE  SYSTEMS  INC. 

Tel:  800- 399-2808 
l  ax:  8  I  8-887-0388 
E-Mail:  Safe@BH902IO.com 
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Cabletron  Equipment 

GUARANTEED 


^toc£x  *  100%  factory  refurbished 

•  Only  factory-authorized  VAR 

.,rtOO°  * 


30  day  hot  swap,  1  year  free  repair 
We  also  carry:  Bay  Networks. 
3Com,  Compex,  Cisco  &  more! 


Vnetek  Communications,  LLC 
sales@vnetek.com  •  www.vnetek.com 

Brand  names  are  registered  trademarks. 
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Livingston  US  Robotics 

Ascend  0,  ® AY  Micom 

•i?  Specialist  in  all  ^ 

^  Cisco  products  ■JQ 
W  including  Memory 

XL  LAN/WAN  Products  I 

\  P 

q  New,  Used,  Lease, 

3Com%  Rent  ^Codex 
Adtran  Xylogics 

Motorola  Wellfleet 

We  carry  all  Manufacturers 


Millennium  Solutions  Group,  Inc. 


•Routers,  Bridges  •  Frame  Relay 
•DSU/CSU’s  »Hubs,  Modems 

•Switches,  ATM  *Voice  over  Data 


We  Buy  and  Sell 

888-801-2001  Fax  (916)  630-2000 
Visit  our  Web  Site  at: 
http://www.millenniumsolutions.net 
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UN/WAN  •  BUY/SELL 
FULLY  WARRANTEED 
NEW/REFURBISHED 


MODEMS 
DSU/CSU'S 
T-1  EQUIPMENT 
SWITCHES,  MUXES 
HUB,  BRIDGES,  ROUTERS,  ETC. 


Cabletron  Bay  Networks 


Cisco  Specialists 


3Com  Micom  Adtran  H/P 

We  carry  all  manufacturers,  call  ask  for  sales. 


http://www.adcs-inc.com 

PHONE 
800-783-8979 


FAX  (916) 
•6962 
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Wanted  to  Buy 

Networking  Products  and  Services 


Over  157,500  qualified  subscribers  of 
Network  World  are  ready  to  buy. 

Call  to  place  your  ad  in  the  Marketplace 
1-800-622-1  108  ext.  7465 


IsJ^' 


TiiAljJJjJij 

Miff;  Hi  ,  :  ;! 


Certified  NetAnalyst 

(800)  645-8486 

|  WWW.PINEMOUNTAINGROUP.COM 
Protocol  &  Analyzer  Training 
Sniffer,  Fluke,  HP,  Shomiti 


CrossTec’s  NetOp  School  SW 

(800)  675-0729 
I  www.CrossTec.Net 
Six  essential  tools  for  the  networked 
i  classroom.  Download  a  Free  Eval 

Dalhousie  University 

|  (902)  494-1114 
|  www.dal.ca/intemetworking 
|  Master  Degree  in  Internetworking 
I  One  Year  Program 


Lanop  Nat’!  Test  Prep 

(800)  US  NETWORK 
www.lanop.com 
MCSE/CNE  Certification 
Guarantee  to  Pass  All  Tests  1st  time 


NCR  Customer  Education ! 

(800)  845-2273 
www.ncr.com/trainus 
Cisco,  MCSE,  NT  &  Networking, 
Training 


ForeFront  Direct 

(800)  475-5831 
;  www.ffg.com 

Computer  based  training  for 
the  I.T,  industry 


I  SecurelT 

(888)  777-4313 
I  www.secureit.com 
I  Test  Your  Security  Knowledge! 

I  Certified  Security  Training. 

I  Transcender  Corporation 

(615)  726-8779 
I  www.transcender.com 
|  MCSE,  MCSD,  MCP  Exam 
Simulations 


Contact  these  companies  today  to  help  you  with  your  training  needs! 
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NORTEL 

NETWORKS 


ClearVoice’ 

is  a  remarkable 
digital  compression  technology 
that  adds  toll-auality  voice  and  fax  to  your 
existing  frame  relay  or  routed  IP  network.  Intra- 
company  phone  calls  and  taxes  ride  free  along  with  other  LAN 
and  WAN  traffic.  What's  more,  ClearVoice  takes  only  a  fraction  of  your 
network's  throughput,  so  there's  no  need  to  add  extra  bandwidth.  Call  or  e-mail 
today  to  receive  Nortel  Networks'  fra  ClearVoice  white  paper  and  get  the  full  story. 
Free  ClearVoice  Over  Frame  Relay  White  Paper  Offer! 


ffiE 


Datacomm  Support  Company  Inc 

1020  Calle  Cordillera,  Suite  103,  Son  Clemente,  CA  92673  Tel:  (800)  388  8953 
^^MaihjalesSdscwamcon^febsite^wwdscwarLcom/Reci/SgecialsMainJitn^ 
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Bay  Networks  CaBLeTROQ 


The  Merged  Company  of  SynOptics  and  Wellfleet 


Cisco  Systems 


We  Stock  the  Largest  Inventory  of 
Refurbished  Bay  Networks  in  the  World! 


Bay  Networks  ESP  Trained 
Bay  Networks  Authorized 
Full  Product  Line 
New  &  Used,  Buy  &  Sell 


Proven  Track  Record 
Good  As  New  Warranties 
Repair  Services  Available 
Technical  Support 


Phone  801-377-0074 
Fax  801-377-0078 
1403  W.  820  N.  Provo,  UT  84601 

Visit  us  On  the  Web  @  www.nle.com 


National  LAN  Exchange 

888.89 1.4BAY  (4229) 


Fast  ov 


C.O.D's  Terms 


it  delivery 
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Check  Point 


Software  Technologies  Ltd. 


C7  Check  Point  Software 
Technologies  Ltd. 

Product  name:  VPN-1  Gateway 
(650)  628-2000 
www.checkpoint.com 

Check  Point  Software's  VPN-1  Gateway 
is  a  software  offering  that  incorporates 
Check  Point  Software's  superior  VPN 
functionality  with  the  security  features  of 
its  award-winning  FireWall-1®  enterprise 
security  suite  in  a  single  package.  It's 
available  in  configurations  for  a  variety  of 
customer  needs,  from  single-site, 
remote-office  installations  to  multi-site, 
enterprise-wide  deployments  with  cen¬ 
tralized  management  requirements. 


MetaConnect 

Merging  Data,  Managing  Change. 

&  ISOCOR 

Product  name:  MetaConnect® 
(310)  581-8100 
www.isocor.com 

ISOCOR's  new  meta-directory  product 
family  of  solutions  is  MetaConnect®. 
MetaConnect  is  designed  to  speed  a 


company's  ability  to  unify  their  data  for 
effective  intranets  and  to  conduct  busi¬ 
ness  on  the  Internet.  It  utilizes  a  join 
engine  to  provide  accurate,  updated 
information  to  employees,  customers 
and  trading  partners,  from  existing  data 
sources.  It  is  directory  independent, 
offers  near  real-time  change  propaga¬ 
tion,  openness,  scalability  and  perfor¬ 
mance. 


MCI  WORLDCOM 

&  MCI  WorldCom 
Advanced  Networks 

(800)  433-0389 
www.wcom.net 

MCI  WorldCom  Advanced  Networks,  an 
MCI  WorldCom  company,  provides  net¬ 
working  and  hosting  solutions  in  1 14 
countries.  We  have  the  expertise  to  offer 
leading-edge  technology  solutions  to 
large  corporations  with  mission-critical 
applications.  More  than  3,300  compa¬ 
nies  world-wide  rely  on  our  completely 
managed,  fully  integrated  Internet, 
intranet,  VPN,  hosting  and  e-commerce 
services. 


Momentum  Systems 

Tom  Corr,  President 
(609)  727-0777 
www.momsys.com 

The  growth  of  Internet  storefronts  has 
created  a  demand  for  products  that  link 
storefronts  to  back-end  applications. 
Momentum  Systems  develops  e-com- 
merce  software  for  the  distribution  of 
files  critical  to  business-to-business  com¬ 
munications.  Our  products  automatically 
and  securely  exchange  information 
between  an  organization  and  its  trading 
partners  and  provide  file  distribution  ser¬ 
vices  for  web-based  applications. 


/  Ringdale,  Inc. 

Product  Name:  PrintPro®  99 
(512)  288-9080 
www.ringdale.com 

The  PrintPro®  99  connects  any  laser,  dot 
matrix,  inkjet  printer  or  plotter  with  a 
parallel  port,  to  a  lObaseT  Ethernet  net¬ 
work.  The  PrintPro  99  can  receive 
Internet  faxes  from  IETF  compliant  fax 
machines.  It  can  also  receive  text  e-mails 
and  embedded,  pre-formatted  print  files 
via  the  Internet  or  local  network. 


All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 


Understanding 

TCP/IP: 

Implementing  the 
Protocols  of  the  Internet 


PROG-RAM  OVERVIEW 

TCP/IP  has  become  the  standard  you  must  be  well  versed  in  if  you 
work  in  an  Internet-  or  intranet-centric  environment.  An  in-depth  and  clear 
comprehension  of  TCP/IP  is  essential  for  network  administrators, 
analysts  and  PC  support  staff  who  need  to  understand  the  practical 
applications  of  this  ubiquitous  protocol  —  not  just  the  theory  behind  it. 

Understanding  TCP/IP:  Implementing  the  Protocols  of  the  Internet, 

an  information-packed,  2-day  program,  is  an  invaluable  educational  tool 
that  will  help  you  understand  the  Internet  protocols  (TCP  and  IP)  as  well 
as  important  Application  protocols.  The  use  of  over  1 5  case  studies, 
captured  from  live  internetworks,  will  demonstrate  analytical  techniques 
to  help  you  solve  typical  problems. 

TECHNICAL  HOT  POINTS 

This  seminar  will  give  you  the  opportunity  to: 

•  Learn  how  TCP/IP  is  supported  in  various  host  and  LAN  operating  systems 

•  Study  the  functions  of  the  supporting  protocols,  such  as  ARP,  RARP, 
DNS,  BOOTP,  RIP  and  OSPF 

•  Understand  how  IP-based  routing  works 

•  Learn  how  you  can  integrate  the  application  protocols,  such  as  TFTP, 
FTP,  TELNET,  SMTP  and  HTTP  into  a  TCP/IP  environment 

•  Understand  the  operation  of  SNMP,  the  Internet  standard  for 
network  management 


LEARN  PROM  THE  LEADER 

Network  World  Technical  Seminars  is  known  throughout  the  networking 
community  for  providing  IT  professionals  with  expert,  unbiased  education 
on  the  latest  technologies  and  trends  shaping  today’s  mission-critical 
networks.  Our  reputation  combined  with  a  100% 
satisfaction  guarantee  makes  us  the  educator  of  liletwoikli 
choice  for  networking  professionals. 
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New  York,  NY . April  27-28 

Philadelphia,  PA . May  18-19 
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Dallas,  TX . June  29-30 

Presented  by  Mark  A.  Miller,  P.E.,  DigiNet  Corporation 

2-Day  Seminar  Registration  Fee  —  $995 

Bring  your  colleagues  and  take  advantage  of  our  Team  Discounts: 

2  registrants  $920  each  •  3  registrants  $845  each 
4  or  more  registrants  $795  each 

Register  today  and  take  the  next 
step  in  maximizing  your  potential 

(800)643-4668 

www.nwfusion.com/seminars 
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IT  All  Starts  Here. 


This  just  in:  CNN.com,  the  worlds  leading  news  site, 
now  features  technology  news  and  information  from  the 
Web  s  fastest  growing  global  technology  information 
network  —  IDG.net. 


CNN  Interactive  has  discovered  what 
readers  of  IDG  publications  have  known 
for  over  30  years:  no  other  company 
can  match  the  breadth  and  quality  of 
technology  information  offered  by  IDG. 

Network  World  Fusion  —  along  with  fellow 
IDG.net  sites  Computerworld  Online, 
InfoWorld.com,  JavaWor Id,  PC  World  Online 
and  TheStandard.com  —  is  proud  to  be 
part  of  the  Web’s  most  trusted  network  of 
computing  publications.  With  240  sites  in 
55  countries,  IDG.net  reaches  more 
readers,  in  more  markets,  than  any  other 
Web  network  —  and,  it’s  growing  every  day. 


Now  millions  of  new  readers  worldwide 
will  discover  what  IDG. net’s  users  have 
known  all  along  —  that  IDG.net  offers 
the  most  comprehensive,  current,  and 
useful  computing  information  on  the 
Web  today. 

More  publications,  more  product  reviews, 
more  technology  news  —  more  of  the 
quality  information  you  need  to  make 
technology  decisions  for  any  computing 
environment,  from  the  home  office  to  the 
global  enterprise. 

IDG.net.  IT  all  starts  here. 
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Check  Point  lays  out  VPN  roadmap 


BY  ELLEN  MESSMER 

REDWOOD  CITY,  CALIF.  — 
Check  Point  Software  Tech¬ 
nologies  has  drawn  up  a  vir¬ 
tual  private  network  (VPN) 
product-direction  roadmap 
that  calls  for  adding  multiven¬ 
dor  digital  certificate  support 
as  well  as  a  network  failover 
and  clustering  capabilities  to 
its  VPN- 1  gateway. 

Today  Check  Point  only  sup¬ 
ports  the  Entrust  Technologies 
digital  certificate  public-key 
infrastructure  (PKI).  But  by 
year-end,  the  Check  Point  VPN- 
1  gateway  should  be  able  to 


use  digital  certifi¬ 
cates  from  VeriSign, 
Netscape, 

Baltimore  Tech¬ 
nologies  and  Mic¬ 
rosoft,  as  well. 

“In  our  roadmap 
for  Open  PKI,  we’ll 
offer  a  choice,”  says 
Asheem  Chandna, 

Check  Point  vice 
president  of  mar¬ 
keting  and  business 
development. 

Corporations  issue  employ¬ 
ees  digital  certificate  IDs  to 
prove  their  identities  and  en¬ 
crypt  traffic  over  the  Internet. 


Customers  also 
want  certificates  in 
extranet  applica¬ 
tions  that  tie  trad¬ 
ing  partners.  Unfor¬ 
tunately,  interoper¬ 
ability  problems  in 
different  vendors’ 
digital  certificates 
have  considerably 
complicated  the 
use  of  certificate 
IDs. 

Under  Check 
Point’s  Open  PKI  strategy,  the 
company’s  VPN- 1  will  be  able 
to  automatically  recognize 
each  certificate  type  and 


process  it  appropriately  with 
each  vendor’s  PKI  gear. 

Check  Point  also  wants  to 
add  a  method  for  selective 
encryption  to  its  VPN-1  gateway 
for  users  who  don’t  want  to 
encrypt  all  traffic,  but  only  spe¬ 
cific  application  types,  destina¬ 
tion  addresses  or  user  names. 

In  addition,  if  a  manager 
wants  to  set  up  what  Check 
Point  calls  a  virtual  private 
LAN  by  installing  VPN- 1  on  the 
intranet,  the  network  manager 
will  be  able  to  manage  dozens 
of  gateways  for  this  type  of 
selective  encryption. 

VPN-1,  which  will  have 


Check  Point's  Chandna 
is  looking  to  offer  an 
encryption  choice. 


Check  Point’s  bandwidth  man¬ 
ager  FloodGate-1  added,  will 
use  a  new  compression  algo¬ 
rithm  allowing  it  to  push  ten 
times  as  much  data  through 
the  network,  Chandna  says. 

As  VPN-based  authentica¬ 
tion  and  encryption  grow  in 
importance,  so  does  the  need 
to  avoid  network  downtime. 
Check  Point’s  nta*  crsion  of 
VPN-1  will  wo*  in  failover 
mode,  so  a  primary  VPN  gate¬ 
way  will  failover  to  a  backup 
VPN  should  trouble  occur. 

Also,  Check  Point  claims  it 
will  have  “VPN  clustering”  for 
scalability  and  performance. 

“You’ll  be  able  to  have  up  to 
four  VPN-1  gateways  working 
together  for  up  to  155M 
bit/sec  speed,”  Chandna  says.  3 


Melissa, 

continued  from  page  1 

e-mailed  Word  attachments. 

•  End  users  must  be  educat¬ 
ed  and  convinced  of  the  need 
to  practice  safe  e-mail,  al¬ 
though  a  few  dissenters  at  the 
conference  consider  this 
approach  ultimately  futile. 

•  Virus  authors  must  be 
faced  with  stiffer  penalties  — 
as  in  jail  time  —  to  deter  them 
from  plying  their  wares. 

The  vast  majority  of  end 
users  who  were  faced  with 
the  Melissa  virus  have  never 
used  a  macro  in  a  document 
and  don’t  know  what  to  do 
with  a  macro,  says  Edmund 
Lee,  vice  president  of  informa¬ 
tion  services  at  E.W.  Blanch 
Holdings  in  Minneapolis.  “I’d 
like  to  see  administrators  have 
more  control  over  [those 
macros] .” 

When  Melissa  was  first 
detected,  Lee’s  IS  team  re¬ 
motely  reset  the  macro  warn¬ 
ing  mechanism  on  the  desk¬ 
tops  of  end  users  who  had 
deactivated  it.  “Of  course,  you 
can’t  force  users  to  then  dis¬ 
able  macros,”  he  says. 


Morn 

Online 

A  forum  to  discuss  Melissa, 
educating  users  about 
attachments  and 
the  vulnerabil* W  [If.  If]  ] 
itios  of  Microsoft 
software.  .  'IhU'1" 

Patches  anti  more 
virus  information 


“Vendors  have  got  to  deal 
with  the  issue  [of  macros], 
and  it  seems  to  me  that 
Microsoft  has  an  important 
role  to  play  here,”  says  Blane 
Woodward,  IS  manager  at 
Northwestern  Mutual  Life  in 
Milwaukee. 

First  discovered  on  the 
alt. sex  newsgroup  on  March 
26,  the  Melissa  virus  spread 
rapidly  as  recipients  of  the 
infected  Word  attachment 
unwittingly  launched  the  mali¬ 
cious  macro  it  contained. 

The  macro  in  turn  helped 
itself  to  the  first  50  names  in 
users’  contact  lists  and  sent 
copies  to  those  people.  The 
e-mail  always  appeared  to  be 
from  a  known  party,  which 
helped  it  spread  within  a  day 
to  thousands  of  companies. 

Macro  viruses  are  easy  to 
write,  and  the  interoperability 
of  e-mail  software  gives  viruses 
ample  opportunity  to  spread.  So 
guarding  against  Melissa-like 
viruses  in  the  future  may 
involve  trade-offs,  observers  say. 

“We  have  to  find  a  way  to  not 
only  have  better  control  over 
who  we  receive  e-mail  from, 
but  also  to  authenticate  or  trace 
the  e-mail,”  says  an  executive  for 
a  major  brokerage  firm,  who 
asked  not  to  be  named.  “[End 
users]  will  have  to  give  up  some 
of  their  privacy  in  exchange  for 
better  security.” 

Limiting  the  number  of 
points  at  which  Internet 
e-mail  can  enter  your  network 
will  help  reduce  the  damage 
done  by  viruses  when  they 
occur,  according  to  an  admin¬ 
istrator  at  a  major  defense 
contractor. 

“We’ve  contained  the  routes 


through  which  incoming 
e-mail  can  pass,  and  that’s  how 
we  were  able  to  stop  the  pro¬ 
liferation  of  Melissa  while  we 
cleaned  up  all  of  the  internal 
servers,”  he  says.  “At  the  same 
time,  we’re  looking  at  routing 
incoming  messages  through  a 
dedicated  machine  that  will  do 
virus  scanning.” 

The  approach  will  be  costly, 
he  says,  “but  there’s  also  a  cost 
associated  with  not  bothering.” 

While  everyone  agrees  that 
end  users  need  to  know  more 
about  viruses  and  exercise 
care  when  opening  attach¬ 
ments,  there  is  disagreement 

Mad  at  Melissa 


regarding  the  proportion  of 
responsibility  they  should  bear 
in  the  future. 

“Users  have  to  be  better 
educated  about  the  risks  of 
opening  Office-style  docu¬ 
ments  with  macros  in  them 
without  virus-scanning  on 
their  desktop,”  says  Neil  Farish, 
a  consultant  with  The  Devon 
Group  in  Ottawa. 

The  suspected  creator  of 
Melissa  was  arrested  late  last 
week  in  New  Jersey  by  federal 
and  state  officials.  Punishing 
the  Melissa  perpetrator  is  con¬ 
sidered  by  most  to  be  an 
important  element  of  reduc¬ 


ing  future  virus  threats. 

“The  penalties  should  be 
incredibly  severe,”  Farish  says. 
Not  only  should  the  virus 
author  be  punished,  but  so 
should  any  irresponsible  ISP 
or  other  company  that  might 
be  at  fault,  he  says. 

Overall,  conference  atten¬ 
dees  were  pessimistic  about 
the  future  of  virus  control. 

“As  soon  as  [vendors]  do 
more,  the  hackers  will  find 
another  way  around  it,”  says 
the  defense  contractor  admin¬ 
istrator.  “There’s  no  perfect 
security  system,  unless  you 
shut  everything  down.”  □ 


"[Microsoft 
nee  Us  to 


tal ce  a  closer 
look  at  this 
and  he  more 
responsive 
to  its  users 
than  it  has." 

Edmund  Lee, 
vice  president  of  infor¬ 
mation  services, 

E.W.  Blanch  Holdings 


"The  penalties 
should  be  in¬ 
credibly  severe." 

Neil  Farish,  consultant, 

The  Devon  Group 

"Vendors  need  to 
build  some  sort 
of  mechanism 
that  [requires  end 
users  in  corporate 
environments]  to 
know  a  password  before 
attachments  are  opened." 

Blane  Woodward,  IS  manager,  Northwestern  Mutual  Life 
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Savings, 

continued  from  page  1 

A  secondary  controller  and 
18G  bytes  of  external  storage 
can  also  boost  performance 
for  about  $11,000,  according 
to  Dell. 

Now  what  do  you  have?  A 
beefed-up  server  at  half  the 
price  of  a  new  one. 

Tip  2:  Switch  off  for  savings 

Will  turning  off  your  PC, 
monitor  and  printer  save 
money?  Let’s  do  a  back-ot-the- 
envelope  calculation.  Figure 
each  PC  uses  200  watts  per 
hour,  and  each  monitor  uses 
about  the  same.  An  employee 
works  nine  hours  per  day, 
which  means  the  computer  is 
idle  for  1 5  hours.  If  it’s  on  after 
an  employee  has  gone  for  the 
day,  the  computer  is  wasting 
six  kilowatt  hours  per  day.  At 
roughly  5  cents  per  kilowatt 
hour,  that’s  $2.10  per  week  — 
chump  change.  But  for  a 
department  of  50  people, 
you’re  paying  about  $5,460 
per  year  so  your  employees 
can  avoid  the  inconvenience 
of  flipping  two  switches  every 
morning. 

Tip  3:  Avoid  installation  fees 

If  you  don’t  like  paying 
points  on  a  mortgage  or  dealer 
markups  on  hard-to-find  cars, 
then  you  won’t  like  installa¬ 
tion  fees  on  network  services. 
The  way  out  of  all  of  these  is 
the  same  —  negotiate,  negoti¬ 
ate,  negotiate. 

Often  overlooked,  the  term 
“installation  fee”  on  a  telecom 
service  contract  is  misleading. 
If  a  carrier  puts  in  a  new  frame 
relay  network,  then  the  instal¬ 
lation  fee  —  more  properly 


called  the  “nonrecurring 
charge”  (NRC)  —  seems  justi¬ 
fied.  But  don't  expect  to  avoid 
the  fee  if  you  already  have  a 
network  connection  and  are 
looking  for  a  second  perma¬ 
nent  virtual  circuit,  or  if  you 
are  seeking  a  new  call-routing 
feature  on  your  voice  virtual 
private  network,  or  with  just 
about  any  carrier  service  you 
can  imagine.  Almost  all  carrier 
services  come  with  NRCs. 

NRCs  range  from  $25  for  a 
simple  change  order  on  an 
existing  service  to  $  1 ,000  for  a 
new  ATM  port. 

With  a  competitive  request 
for  proposal  on  the  table,  the 
winning  bidder  will  often 
agree  to  waive  some  or  all  of 
the  installation  fees  to  win  — 
or  keep  —  the  business. 
Remember  that  many  carrier 
representatives  are  compen¬ 
sated  not  on  how  much  busi¬ 
ness  they  win  for  their  compa¬ 
ny  but  on  how  much  of  a  min¬ 
imum  annual  revenue  commit¬ 
ment  you  make  to  the  carrier. 
If  a  carrier  asks  you  to  bump 
up  the  minimum  amount  of 
volume  you  commit  to  each 
year  of  a  three-year  contract, 
then  your  next  question 
should  be:  Fine,  will  you  waive 
the  installation  fees? 

Don’t  just  ask  for  NRC 
waivers  at  the  outset  of  a  con¬ 
tract  —  try  to  get  an  agree¬ 
ment  in  advance  that  will 
waive  NRCs  throughout  the 
length  of  your  contract. 

Tip  4:  Avoid  NT  sticker  shock 

Here  is  a  little  advice  for 
users  considering  swapping 
their  NetWare  servers  in  favor 
of  Windows  NT.  If  you  care 
about  money,  don’t  do  it. 

Analyst  firms  Giga  Informa¬ 


tion  Group  of  Cambridge, 
Mass.,  and  Gartner  Group  of 
Stamford,  Conn.,  say  moving 
your  NetWare  3-X  or  4.X 
servers  to  NT  4.0  could  end  up 
costing  three  times  as  much  in 
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Novell  l 


Analysts  say  upgrading  to  Net¬ 
Ware  5  is  a  lot  less  expensive 
than  a  wholesale  move  to  NT. 

terms  of  hardware  and  admin¬ 
istration  costs  than  upgrading 
to  NetWare  5.0. To  provide  the 
same  server  uptime,  NT 
requires  bigger  boxes  —  and 
more  of  them  —  than  Net¬ 
Ware.  Additionally,  you  will 
need  more  bodies  to  manage 
these  NT  boxes  than  you  do  to 
manage  NetWare  systems.  And 
the  going  rate  for  trained  NT 
professionals  is  $70,000  annu¬ 
ally,  compared  with  the 
$50,000  average  salary  of  a 
Certified  NetWare  Engineer 
(CNE). 

Chad  Willaert,  a  senior  sys¬ 
tems  engineer  with  GE  Capital 
Information  Technology  Solu¬ 
tions  in  St.  Paul,  Minn.,  is  work¬ 
ing  with  a  large  corporation 
whose  management  wants  to 
migrate  the  company’s  entire 
NetWare  file  and  print  opera¬ 
tion  to  NT.  Willaert  says  it 


wouldn’t  be  a  cost-effective 
move  because  the  company 
currently  employs  only  one 
CNE  to  manage  20  Novell 
servers,  compared  with  the  45 
engineers  it  would  need  to 
track  200  NT  boxes. 

Tip  5:  T-1  access:  Forget  the 
mileage 

For  decades,  carriers  have 
claimed  that  T-1  pricing  is  out 
of  their  hands.  The  price 
depends  on  how  far  your  loca¬ 
tion  is  from  their  points  of 
presence,  they  have  said.  And 
that’s  certainly  still  true  if  you 
go  by  their  tariffed  pricing. 

But  an  increasing  number  of 
users  are  getting  flat-rate  T-1 
deals  from  major  interex¬ 
change  carriers.  To  hang  on  to 
your  business,  the  carriers  will 
agree  to  set  a  fixed  figure  —  in 
some  cases  as  low  as  $300  per 
month  —  for  all  the  T-ls  they 
resell  to  you  after  purchasing 
them  from  local  carriers 
around  the  country. 

Still,  you  have  to  ask  for  the 
deal  or  you  won’t  get  it.  As  a 
negotiating  tool,  remember 
that  dedicated  access  benefits 
your  carrier  as  well  as  you.  A 
T-1  can’t  simultaneously  go  to 
AT&T’s  and  MCI  WorldCom ’s 
points  of  presence.  So  carriers 
know  you’ll  probably  send 
additional  voice  and  data  traf¬ 
fic  exclusively  to  them  until 
you’ve  nearly  filled  the  T-1. 

Don’t  expect  a  $300  per 
month  rate  unless  you  have  a 
large  network  —  perhaps  50 
sites  or  more  —  and  are  willing 
to  commit  fairly  exclusively  to 
one  carrier.  But  smaller  net¬ 
works  can  still  benefit  from  the 
flat-rate  idea. 

T-ls  often  cost  $600  to  $700 
once  you  get  out  of  central 


business  districts  and  $  1 ,200  in 
rural  areas.  So  even  a  $500  flat- 
rate  deal  is  bound  to  save  you 
money  —  not  to  mention  the 
headache  of  trying  to  predict 
your  network-services  costs. 

Tip  6:  Cheap  T-ls  to  the  'Net 

If  you  think  you’re  paying 
too  much  for  your  Internet 
access  connection,  you’re 
probably  right.  Some  ISPs  are 
charging  steep  prices  for  a  full 
T-1  pipe.  But  be  advised:You’re 
not  locked  into  choosing 
UUNET  (about  $2,500  per 
month,  $5,000  setup),  Cable  & 
Wireless  ($1,700  per  month, 
$300  setup)  or  Concentric 
Network  (about  $1,800  per 
month,  $3,000  setup)  for  your 
Internet  access. 

One  alternative  that’s  grow¬ 
ing  in  popularity  is  fixed  wire¬ 
less  Internet  access  service. 
Some  providers  are  charging 
only  about  $400  per  month  for 
1.544M  bit/sec  of  dedicated 
access.  Compared  with  expen¬ 
sive  ISPs,  such  as  UUNET,  users 
can  save  more  than  $2,000  per 
month  by  choosing  a  wireless 
ISP  such  as  Airwire.net,  which 
will  install  an  antenna  and  radio 
on  your  company’s  roof.  The 
Airwire.net  service  comes  in 
two  versions;  both  have  a  one¬ 
time  installation  fee  of  $1,850 
and  cost  $400  or  $500. 

Tip  7:  Put  your  clients  on  a  diet 

You  may  be  spending  too 
much  for  end-user  computing. 
Over  two  years,  National 
Semiconductor  slashed  its 
annual  desktop  total  cost  of 
ownership  by  more  than  half, 
from  $7,600  per  desktop  to 
about  $3,300. 

Figure  nearly  $4,300  in  sav¬ 
ings  for  each  of  National’s 
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Extra  money-saving  tips 


E-mail 


The  expensive  way:  Buy  a  fancy  e  mail  system 
and  administer  it  yourself. 

Save  by:  Looking  into  outsourcing.  With  the  right 
partner,  you  could  save  up  to  50%. 


fTTTTT 


Layer  3  switches 


The  expensive  way:  Buy  a  Layer  3  switch  that  is  just 
set  up  to  do  Layer  2.  Then  upgrade  it  for  true  Layer  3 
for  about  $1,000  per  port. 

Save  by:  Going  with  a  software  upgradable  switch. 
This  can  save  you  thousands  of  dollars. 


Voice  and  frame  relay 


The  expensive  way:  Buy  separate  boxes 
to  handle  voice  and  frame  relay.  Together 
these  can  cost  up  to  $17,000. 

Save  by:  Getting  a  box  that  handles  voice 
and  frame  relay,  such  as  the  IBM  221 2  Access 
Utility,  for  $10,200. 
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7,400  users  and  you’re  talking 
about  a  major  chunk  of  money 
—  about  $32  million. 

National  defined  a  standard 
desktop  PC  outfitted  with  the 
company’s  own  inexpensive 
Cyrix  chip  and  carrying  a  price 
tag  of  roughly  $600.  The  PC 
communicates  with  servers 
that  run  Windows  applications 
on  top  of  Citrix  Systems’ 
WinFrame  software,  a  multi¬ 
user  version  of  Windows  NT. 
The  servers  are  from  Dell  and 
cost  about  $20,000  apiece. 

National  expected  big  soft¬ 
ware  purchase  savings  but 
didn’t  get  them,  says  Bob 
Neuberger,  who  manages 
National’s  thin-client  technolo¬ 
gies.  The  savings  didn’t  stack 
up  because  most  vendors  still 
issue  software  licenses  per- 
desktop  rather  than  for  con¬ 
current  usage,  he  says. 

The  real  savings  have  come 
from  areas  that  are  somewhat 
more  difficult  to  quantify. 
Distributing  new  software 
now  takes  just  hours  instead 
of  months  because  it’s  loaded 
on  a  few  servers  instead  of 
each  desktop.  In  fact,  some 
departments  now  update  their 
software  weekly. 

Because  desktops  have  little 
with  which  end  users  can 
monkey,  technical  support 
costs  have  dropped,  and  user 
productivity  has  risen,  though 
again,  this  is  hard  to  quantify. 

Tip  8:  Slash  e-comm  costs 

If  electronic  commerce  is 
such  a  great  way  to  make 
money,  why  does  it  cost  so 
darn  much? 

Opening  shop  as  an  online 
merchant  —  processing  credit 
cards,  maintaining  customer 
accounts,  providing  catalog 


content  with  connectivity  to 
your  back-end  databases  — 
isn’t  cheap.  It  can  easily  cost 
$500,000  or  more  for  full-func¬ 
tion  high-end  packages  from 
BroadVision,  Open  Market, 
Trade’Ex  or  Connect. 

The  same  goes  for  installing 
an  electronic  procurement 
system  so  your  employees  can 
buy  office  supplies  from  their 
desktops  by  checking  suppli¬ 
ers’  electronic  catalogs.  It 
might  cost  $20  to  process  a 
$15.76  pencil  order  the  old- 
fashioned  paper  way.  With 
e-commerce,  that  order  is  sup¬ 
posed  to  cost  less  than  $  1 .  But 
it  costs  a  pretty  penny  to  find 
out  if  that  cost-savings  is  accu¬ 
rate  by  installing  software 
from  Commerce  One,  Ariba 
Technologies,  RightWorks  or 
Intelisys.  This  stuff  generally 
costs  a  half-million  dollars 
and  up. 

“The  reason  why  e-com- 
merce  is  expensive  is  the  tech¬ 
nology  is  very  new  and  these 
are  complex  systems  to  build,” 
says  Steve  Robins,  an  analyst  at 
The  Yankee  Group,  a  consul¬ 
tancy  in  Boston.  If  you  can’t 
afford  a  platinum-plated  e- 
commerce  site,  you  may  have 
to  forego  the  niceties,  such  as 
extensive  integration  with 
back-end  systems  and  the  abil¬ 
ity  to  provide  real-time  infor¬ 
mation  to  customers.  You  also 
may  have  to  limit  the  number 
of  transactions  you  can 
process  at  one  time. 

For  online  merchants,  prod¬ 
ucts  from  IBM,  Intershop 
Communications,  iCat  and 
several  other  companies  cost 
well-under  $50,000.  For 
e-commerce  procurement, 
SpaceWorks’  OrderManager 
almost  looks  like  a  bargain 


at  prices  of  $100,000  to 
$250,000.  The  poor  man’s 
desktop  procurement  product 
is  Trilogy  Software’s  Buying 
Chain,  which  costs  $4,995  for 
500  users. 
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IBM's  procurement  software,  at 
$50,000,  is  a  relative  bargain. 


Tip  9:  Avoid  the  toll  trap 

Do  you  ever  pick  up  the 
phone,  dial  a  number  that  you 
think  is  in  your  metropolitan 
area,  and  get  a  recording  say¬ 
ing  “You  must  first  dial  a  1 
before  the  area  code”?  You  are 
now  in  the  intra-LATA  toll 
zone,  one  of  the  worst  sources 
of  telecom  expense  leaks. 

Unless  you  have  a  specific 
clause  in  your  contract  and 
have  carefully  programmed 
your  PBX  or  other  switch  to 
deal  with  these  calls,  you’re 
bound  to  be  paying  more  for 
these  connections  than  for 
calls  across  the  country. 

The  explanation  for  this  has 
nothing  to  do  with  technology 
and  everything  to  do  with 
monopolies  and  regulation. 
Under  the  original  AT&T 
breakup,  the  regional  Bell 


operating  companies  were 
only  allowed  to  carry  calls 
within  carefully  defined  local 
access  and  transport  areas 
(LATA).  Contrary  to  what 
many  people  believe,  LATAs 
are  not  the  same  as  local  call¬ 
ing  areas.  LATAs  are  usually 
bigger,  and  once  you  call  a  des¬ 
tination  outside  the  local  call¬ 
ing  area  but  still  within  the 
LATA,  the  local  carrier  consid¬ 
ers  it  a  long-distance  call,  gen¬ 
erating  a  toll  charge. 

Originally,  long-distance 
carriers  couldn’t  compete  for 
these  intra-LATA  toll  calls, 
meaning  RBOCs  had  a 
monopoly  over  them  and 
charged  accordingly.  Over 
the  past  few  years,  most 
states  have  allowed  interex¬ 
change  carriers  to  carry  this 
traffic.  But  many  users  have 
not  reset  the  programming 
tables  within  their  PBXs  to 
recognize  this  choice.  The 
calls  still  go  by  default  to  the 
local  carrier.  And  if  there’s  no 
special  contract  with  the 
local  carrier,  intra-LATA  toll 
calls  can  run  15  to  20  cents 
per  minute,  compared  with  as 
little  as  5  or  6  cents  for  a 
cross-continent  call  on  a 
negotiated  contract. 

The  solution  is  relatively 
simple.  Your  best  bet  is  to  go 
to  your  long-distance  carrier 
and  present  it  with  your 
expected  intra-LATA  toll  vol¬ 
ume.  Add  that  to  your 
long-distance  volume  as  a 
negotiation  ploy  to  reduce 
all  your  per-minute  charges. 
Then  make  sure  your  tele¬ 
com  administrator  repro¬ 
grams  your  PBX  to  recognize 
the  six-digit  combinations  — 
the  area  codes  and  exchanges 
—  that  fall  within  the 
LATA  but  outside  your  local 
calling  area. 
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Load  balancing 


The  expensive  way:  Go  with  Cisco's 
LocalDirector  430  for  about  $25,000. 
Save  by:  Choosing  Foundry's  $6,300 
Serverlron  instead  — you'll  save 
about  $18,700. 


ISDN  vs.  DSL 


The  expensive  way:  Buy  128K  bit/sec  ISDN  and 
use  it  for  long  distance,  all  the  time.  This  could 
cost  nearly  $3,500  per  month. 

Save  by:  Going  with  digital  subscriber  line  for 
about  $150  per  month. 


Details  on  these  tips  can 
be  found  online . 


Tip  10:  Get  only  the  manage¬ 
ment  software  you  need 

The  thing  about  network 
management  software  that 
many  companies  don  t  realize 
is  that  the  $50,000  to 
$  100,000  they  shell  out  for  the 
software  is  really  only  the  tip 
of  the  iceberg.  Experts  esti¬ 
mate  that  to  make  manage¬ 
ment  software  useful,  most 
companies  have  to  spend 
between  three  and  10  times 
the  cost  of  the  product  for  ser¬ 
vices  integrating  the  software 
into  the  rest  of  the  network. 

If  companies  don’t  spend 
the  time  and  money  to  fully 
integrate  the  management  soft¬ 
ware,  they  often  will  get  frus¬ 
trated  with  it  and  let  it  sit  on  a 
shelf.  How  can  this  be  avoided? 
First,  determine  exactly  what  it 
is  you  want  to  manage:  devices, 
configuration,  performance, 
service  levels,  whatever.  Then 
find  a  specific  software  pack¬ 
age  that  meets  your  needs. 

There  are  many  management 
tools  that  don’t  require  a  net¬ 
work  management  platform, 
but  only  perform  specific  func¬ 
tions.  Those  tools  are  often  less 
expensive  than  a  full-platform 
implementation,  but  you  have 
to  know  your  needs.  If  you  only 
need  to  know  how  well  your 
applications  are  performing,  for 
instance,  there  are  software 
packages  that  start  at  less  than 
$10,000  from  the  likes  of 
NetScout  and  Ganymede. 

Also,  don’t  forget  some  of 
the  basic  shareware  tools  that 
are  available.  These  resources 
include  ping,  which  checks  if  a 
device  is  available,  and  tcp- 
dump,  which  provides  data  on 
TCP  from  a  Unix  box.  S 

Get  more  info  online. 
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A  picture  is  worth  a  kibiword 


If  I  can’t  picture  it,  I  can’t  understand  it. 

—  Albert  Einstein 

One  picture  had  better  be  worth  a 
thousand  words  —  it  takes  up  more 
disk  space. 

—  Anon. 
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Before  I  jump  lithely,  my  mus¬ 
cles  rippling  like  a  panther,  onto 
this  week’s  soapbox,  let  me  impart 
some  crucial  news  on  standards: 
According  to  Science  magazine, 
the  International  Electrotechnical 
Commission  (IEC)  is  adopting  new 
prefixes  to  describe  orders  of  mag¬ 
nitude  of  data. 

The  IEC  has  defined  the  term 
“kibibyte’to  mean  1,024  bytes. 

The  idea  is  to  avoid  the  confusion 
that  a  kilobyte  is 
1,000  bytes.The  com¬ 
mission  has  also 
replaced  the  other 
prefixes  denoting  suc¬ 
cessive  powers  of  10 
—  mega,  giga,  tera, 
peta  and  exa  —  with 
mebi,  gibi,  tebi,  pebi 
and  exbi. 

Apparently  the 
National  Institute  of 
Standards  and  Tech¬ 
nology  (NIST)  sup¬ 
ports  this.  “There  was 
a  need  to  straighten  this  out,”  says 
Barry  Taylor,  chief,  fundamental 
constants  data  center  at  NIST. 

Others  have  scoffed  and 
sneered  at  this  idea  as  overly 
complex,  unnecessary  or  just 
plain  stupid.  But  I  think  it  actually 
makes  sense.  What  do  you  think? 

It  appears  that  I  managed  to 
digress  before  I  even  got  started. . . . 

So  there  I  was  thinking  about 
graphical  user  interfaces  (GUI).  To 
be  specific,  I  was  thinking  how 
odd  it  is  that  we  place  so  much 
faith  in  GUIs  and  talk  about  their 
designs  and  nuances,  but  we 
avoid  thinking  graphically  when 
it  comes  to  explaining  our  tech¬ 
nologies  and  architectures. 

Now  I  must  admit  to  a  bias  for 
using  graphics  to  explain  things 
—  I  have  a  degree  in  architecture, 
so  using  drawings  to  solve  prob¬ 
lems  and  explain  ideas  was  a  fun¬ 
damental  part  of  my  education. 
But  graphics  work  for  everyone. 

If  you  want  to  explain  a  prod¬ 


uct  architecture  or  a  network 
structure,  draw  boxes  showing  the 
parts  and  connect  them  to  show 
the  relationships;  it  is  really  pretty 
straightforward.  What  got  me 
thinking  about  graphics  was  the 
documentation  for  a  number  of 
products  I  tested  for  a  forthcom¬ 
ing  Network  World  review  of 
e-mail  automation  solutions.  Here 
I  had  products  that  ranged  from  a 
few  hundred  dollars  to  tens  of 
thousands  of  dollars,  and  most 
vendors  at  both  ends  of  the  cost 
spectrum  failed  to  adequately  dia¬ 
gram  their  products. 

Typically  the  diagrams  were 
incomplete  or  too  high-level. 

If  you  want  customers  to  under¬ 
stand  how  your  product  works, 
show  all  the  bits  of  your  hardware 
and  software,  and  their  interdepen¬ 
dencies.  If  your  diagram  refers  to 
Module  A  while  your  documenta¬ 
tion  calls  it  Module  1,  and  the  help 
file  calls  it  Module  X,  expect  me  to 
be  calling  your  salespeople  for  an 
explanation  or  just  ignore  your 
product  completely. 

Moreover,  in  the  corporate  net¬ 
work  world,  similar  imperatives 
apply:  If  you  want  to  sell  your 
ideas  and  be  understood,  diagram. 
Get  visual.  Hell,  dress  up  the  most 
basic  ideas  with  cool  graphics  and 
you  will  appear  an  order  of  mag¬ 
nitude  more  professional. 

Consider  coming  to  grips  with 
tools  such  as  3-D  editors.  With  a 
modicum  of  effort,  you  can  create 
fly-throughs  and  animations  that 
explain  what  you  are  doing  and 
where  you  plan  to  go,  or  support 
your  requests  for  funds  far  more 
engagingly  and  persuasively. 

In  fact,  as  our  desktops  get 
more  powerful  and  our  intranets 
become  (hopefully)  more  useful, 
it  becomes  easier  to  use  graphical 
models  and  presentations  to  aid 
navigation  and  interaction.  Sight 
is  the  most  powerful  and  fastest 
information  transfer  mechanism 
humans  possess.  If  you’re  not 
using  sophisticated  graphics 
extensively  in  your  IT  operations, 
you’re  missing  out  and  selling 
yourself  short. 

If  even  Einstein  preferred  to 
visualize,  the  rest  of  us  probably 
shouldn’t  ignore  the  opportunity. 

Sketches  to  nwcolumn@gibbs. 
com  or  (800)  622-1108,  Ext.  7504. 
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Too  bad  they  didn't  actually  pummel 

each  other  with  those  red  boxing  gloves  that 
dangled  from  the  three  podiums.  Fisticuffs 
wouldn’t  have  settled  last  week's  showdown 
between  messaging  heavyweights  Lotus, 

Microsoft  and  The  Artist  Formerly  Known  As 
Netscape  at  the  Electronic  Message  Asso¬ 
ciation's  annual  conference  in  Dallas,  but  an 
exchange  of  fists  would  have  upped  the 
entertainment  value. 

Of  course,  we  should  be  kind  to  these  com¬ 
batants.  I  mean,  trying  to  sell  a  conference 
hall  full  of  messaging  executives  on  the  won¬ 
ders  of  your  Internet  e-mail  vision  a  day  after 
"Melissa"  makes  everyone  long  for  the  Pony  Express.  Under  those  cir¬ 
cumstances,  it's  surprising  the  audience  didn’t  horsewhip  Microsoft's 
man  in  the  ring.  Exchange  Service  General  Manager  Eric  Lockard. 

"You  guys  all  know  what  I  was  doing  this  weekend,"  Lockard 
sheepishly  told  the  several  hundred  conference  attendees. 

He  knows  what  they  were  doing,  too  —  in  many  cases  picking  up 
the  broken  pieces  of  corporate  mail  servers  that  Melissa  trashed  using 
Microsoft  Word,  Exchange  and  Outlook.  In  fact,  the  audience  was 
thinned  somewhat  by  the  cancellations  and  early  departures  of  man¬ 
agers  who  were  needed  back  at  their  companies  to  fight  fires. 

"The  Great  Debate"  itself  shed  little  new  light  on  the  question  of 
which  vendor  rules  the  messaging  roost,  as  all  the  same-old,  same- 
olds  were  rehashed  around  dubious  claims  of  scalability,  reliability, 
total  cost  of  ownership  and  a  tax  cut  for  every  American.  However,  the 
spectacle  did  provide  moments  of  levity,  most  of  them  unintentional 
and  at  the  expense  of  Microsoft. 

Example:  "There  is  nothing  you  really  need  to  take  the  Exchange 
server  down  for,"  Lockard  boasted.  "We  are  really  designed  to  run  24- 
7-365."  Laughter  is  not  the  reaction  one  hopes  to  hear  when  making 
such  a  claim  at  such  a  forum,  but  it  just  wasn’t  Microsoft's  week. 

Moderator  Joyce  Graff,  a  Gartner  Group  research  director,  didn't 
exactly  toss  the  guy  a  lifeline,  either.  "I  have  to  confess,"  she  said,  "that 
I  hear  many  stories  about  Exchange  outages ...  in  excess  of  two  days." 
She  also  asked  why  it  is  that  every  Exchange  support  call  seems  to 
include  the  words  "and  reboot  the  server." 


Coining  the  next  big  Internet  buzzword  or  catch  phrase  is  a 
goal  all  journalists  secretly  harbor.  Although  I  can't  guarantee  some¬ 
one  hasn't  beaten  him  to  the  punch,  here's  a  worthy  attempt  from 
Network  World  Managing  Editor  Charley  Spekton 

"Notice  that  Amazon.com  started  with  books,  added  CDs,  then  a 
pharmacy,  and  now  just  bought  a  pet  supplies  company.  This  sounds 
like  a  department-store-in-the-making  to  me." 

Or,  you  might  call  it  an  "E-partment  store,"  Spektor  suggests. 
Sounds  plausible  to  these  ears.  After  all,  "portal"  caught  on  and 
nobody  ever  knew  what  the  heck  that  meant 

"Why  not  throw  it  out  as  an  item  in  your  column,  and  watch  the  roy¬ 
alties  and  accolades  flow  in,"  Charley  adds. 

Ten  percent  will  suit  me  just  fine. 


Speaking  of  pet  supplies  (now  there's  a  segue),  here  is  a  line 
from  a  press  release  received  last  week: 

"Idealab  today  announced  the  appointment  of  Tom  McGovern  and 
his  dog  Norris,  as  co-presidents  and  CEOs  of  the  company's  soon-to- 
be-named  pet-related  Internet  venture." 

Idealab  already  has  eToys  to  woof  about  —  and  pet  products  are  a 
$23  billion  industry.  So  we  can't  dismiss  this  latest  venture  outright.  Still, 
I'm  thinking  Norris  may  be  sniffing  at  an  Internet  fire  hydrant  here. 

Not  sure  those  E-partment  royalties  will  let  him  quit  the  day 
job,  McNamara  remains  anxious  to  receive  Internet-related 
news  tips  from  readers.  You  may  contact  him  at  (508)  820- 
7471  or  pmcnamara@nww.com. 


PAUL 

MCNAMARA 
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At  midnight  this  New  Year’s  Eve, 
will  you  want  to  kiss  your  network? 


You  will  if  it’s  Y2K  compliant.  At  Nortel  Network^  we've  helped  thousands  of  customers  understand  the 
steps  necessary  to  prepare  for  the  Y2K  transition.  And  the  best  way  you  can  prepare  is  to  contact  your  local 
Nortel  Networks  distributor.  We've  given  them  the  most  current  information  to  help  you  make  sure  your 
Nortel  Networks  systems  are  Century  Compliant.  What's  more,  through  our  distributors,  we  provide  solutions 
to  help  you  integrate  voice,  video  and  data  into  a  Unified  Network  that  will  serve  your  needs  well  into  the 
future.  So,  start  planning  for  the  new  millennium  today.  For  Century  Compliance  information  or  a  list  of 
authorized  distributors,  contact  us  at  www.nortehrietwoTks.com/i6FV  or  1-800-4  NORTEL,  dept.  16FV.  How  the  world  shares  ideas. 


N&RTEL 

NETWORK 


Nortel  Networks.  Unified  Networks,  the  Nortel  Networks  logo  and  "How  the  world  shares  ideas.*  are  traie  marks  of  Northern  Telecom.  ©1999  Northern  Telecom.  All  rights  reserved. 

Free  Product  info  enter  NWInfoXpress  #7  online  @  www.networkworld.coni/infoxpress 
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you  said  you  need  an  effective  way 
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N  delivers 


ADTRAN  Frame  Relay  IQ.  A  complete  solution  for  •  isdn  Dial  BasttupCa! 

monitoring  and  optimizing  Frame  Relay  performance. 

You  no  longer  have  to  sacrifice  control  to  enjoy  the  cost-savings 
of  a  private  virtual  network.  ADTRAX’s  IQ  solution  gives  you 
everything  you  need  to  stay  on  top  of  Frame  Relay  network 
performance  at  all  times.  These  intelligent,  frame-aware  devices 

v  £7  f. c  pnr  -fy. ;  .;r.a?r 

gather  thorough  Layer  1.  2.  and  3  statistics.  This  data  is  accessible 

using  any  SXMP-based  management 

■  system  (including  our  own  IQ  View1 }. 

Suddenly,  it's  easy  to  identify 

problem  areas,  anticipate  one  Part  °f  ADTRAN  s  complete 

future  demands,  or  simply  peer  line  of  host-to-remote  solutions  for  voice 

into  the  remote  end.  ADTRAX’s  __ A 

and  data  over  Frame  Relay  networks. 

Frame  Relay  IQ  is  quick,  easy, 
and  affordable.  .And  it's  the  only 
solution  of  its  kind  that  offers  a 
reassuring  disaster  recovery  option. 


IQ  View  Protocol  Distribution  screen 


Proactively  manage  your  Frame 
Relay. network  with  ADTFLAXs 
affordable.  Windows  -based 
network  management  program. 


For  a  free  brochure,  call  today 

8??  280-8416  (toll-free] 

wvAv.adtran.com  :qframe 


Experts  choose  ADTRAN 
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